We're in beta · Starting with US & Canada · Shipping weekly — your feedback shapes RiseMe
RiseMe
LoginSign Up
Northern Trust Corp. logo
Northern Trust Corp. Verified
Financial Services, Investment Banking, Asset Management

Security Analyst (contract)

Chicago, Illinois, United StatesOnsiteContract$45–$53 /hrPosted 1 month agoVisa sponsorship available

Compensation estimateAI

See base, equity, bonus, and total comp estimates for this role — free, no credit card.

Sign up to see compensation estimate

Role Summary The SaaS Security Operations Engineer is responsible for safeguarding the organization’s SaaS ecosystem by leading discovery, monitoring, governance, and response across sanctioned and unsanctioned SaaS applications. This position blends security engineering, operational analysis, and risk management with deep expertise in SaaS APIs, posture management, and compliance requirements. This role partners with Security Engineering, Identity, Cloud, Risk, and IT Operations to strengthen SaaS security posture, enforce policy, detect threats, and ensure regulatory alignment. \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ Key Responsibilities 1. SaaS API Security, Integration & Discovery

  • Lead SaaS Security API Discovery across sanctioned and unsanctioned applications, including mapping available endpoints, permissions models, data objects, and supported security controls.
  • Parse and interpret JSON schemas for API-based integrations, user/permission enumeration, and posture ingestion.
  • Evaluate SaaS providers’ API capabilities against SSPM requirements (e.g., Users, Permissions, Tenant Settings, Integrations, Activity Logs).
  • Assess API readiness of third party SaaS vendors and guide them in meeting enterprise security requirements. 2. SaaS Security Posture Management (SSPM) Operations
  • Configure and maintain SaaS security tooling
  • Monitor for misconfigurations, risky integrations, privilege drift, anomalous behavior, and policy violations.
  • Support continuous posture hardening by aligning SaaS configurations to industry standards, internal policies, and regulatory frameworks. 3. Threat Detection Operations Perform threat scenario analysis, API event monitoring, and investigation of suspicious SaaS activity (e.g., off normal access patterns, data exfiltration behaviors, privilege escalation indicators).
  • Collaborate with incident response teams to deliver SaaS specific detection logic, alerts, and runbooks.
  • Participate in vulnerability assessments, pen testing coordination, and threat modeling across critical SaaS systems. 4. Risk Management & Compliance Reporting
  • Identify, document, and track SaaS related risks, misconfigurations, vendor gaps, and integration weaknesses.
  • Provide structured risk assessments, vendor security evaluations, and remediation recommendations.
  • Develop and automate compliance reporting across SaaS platforms (e.g., SOX, ISO, SOC2, GDPR, industry frameworks).
  • Ensure SaaS usage aligns with enterprise risk tolerance and regulatory obligations. 5. Process Identification, Standards & Documentation
  • Build and maintain SaaS Security Operations SOPs, workflow documentation, integration diagrams, and intake processes.
  • Identify opportunities for process automation, standardization, and optimization across onboarding, monitoring, detection, and vendor engagement.
  • Produce high quality documentation for internal stakeholders and external SaaS vendors to support secure onboarding and configuration. 6. Collaboration & Stakeholder Engagement
  • Work with cross functional teams (Identity, Cloud, IT Ops, Vendor Management, Procurement) to drive secure adoption and governance of SaaS applications.
  • Lead or participate in SaaS vendor workshops, security reviews, and integration planning sessions.
  • Provide technical guidance to application teams on secure SaaS design patterns and integration best practices. \_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_\_ Required Skills & Experience
  • Deep understanding of SaaS architectures, multi tenant models, and cloud native security patterns.
  • Hands on experience with SaaS APIs, authentication flows (OAuth/OpenID Connect), and interpreting JSON schemas.
  • Strong background in security operations, including monitoring, event analysis, and threat detection.
  • Experience with SaaS security tooling: SSPM platforms, DLP, identity governance, and logging pipelines.
  • Solid knowledge of risk frameworks, vendor risk programs, and compliance (e.g., SOC2, ISO27001, NIST, GDPR).
  • Excellent documentation capabilities — able to convert technical findings into clear reports, workflows, and diagrams.
  • Strong analytical and problem solving skills; ability to work with ambiguity across varied SaaS ecosystems.
  • Proactive Initiative – Recognizes needs, tasks, or problems early and takes action without waiting for direction

Pay Rate Range
45 - 53 USD hourly
Additional Notes
*The above listed pay range is a good faith estimate of what the employer reasonably expects to pay for this position.*
Benefits Information
*Optional benefits offering includes medical, dental, vision and retirement benefits via Hiregenics.*

Ready to apply?
You'll be redirected to Northern Trust Corp.'s application page.

Similar roles