Information Security Consultant (SaaS Security)
Job description
TL;DR
Information Security Consultant (SaaS Security): Securing the organization’s SaaS ecosystem by assessing, implementing, and monitoring security controls across platforms like Microsoft 365, Salesforce, and Workday, with an emphasis on risk management, configuration oversight, and compliance. Focus on translating enterprise security requirements into practical standards, driving remediation of SaaS-related risks, and advising cross-functional teams throughout the SaaS lifecycle.
Location: Hybrid (New York, NY; Boston, MA; Springfield, MA). Must be based in or able to commute to one of these office locations.
Salary: $110,400–$144,900
Company
is a leading mutual life insurance company dedicated to helping people secure their future and protect the ones they love.
What you will do
- Provide security advisory and risk analysis for enterprise SaaS usage and configurations.
- Collaborate with cross-functional domain owners to define and maintain SaaS security baselines.
- Review SaaS architectures, integrations, and data flows to identify and mitigate protection risks.
- Monitor for misconfigurations and shadow IT using SSPM tools to drive timely remediation.
- Support ongoing assurance activities, including periodic posture reviews and control attestations.
- Report on SaaS security trends and systemic risks to security leadership and governance forums.
Requirements
- Bachelor’s degree in Information Security, Computer Science, or a related field.
- 5+ years of experience in Information Security, Cloud Security, SaaS Security, or Cyber Risk Management.
- Strong working knowledge of SaaS architectures, shared responsibility models, and identity governance concepts.
- Experience interpreting regulatory and privacy requirements into practical security guidance.
- Ability to influence stakeholders across IT, legal, and compliance without direct authority.
- Proficiency in security frameworks such as NIST, ISO 27001, or the Cloud Security Alliance (CSA) framework.
Nice to have
- 8+ years of experience in information security or cyber risk management within complex organizations.
- Professional certifications such as CISSP, CISM, CCSP, or CRISC.
- Familiarity with SaaS security tooling including SSPM, CASB, and GRC platforms.
Culture & Benefits
- Comprehensive health, dental, and vision insurance plans.
- Commitment to an inclusive work environment that values diverse perspectives and professional development.
- Emphasis on work-life balance and agility in managing shifting priorities.
- Opportunities for continuous learning and innovation within a collaborative cybersecurity team.