SaaS Security Manager

We are the movers of the world and the makers of the future. We get up every day, roll up our sleeves and build a better world -- together. At Ford, we’re all a part of something bigger than ourselves. Are you ready to change the way the world moves?

Enterprise Technology plays a critical part in shaping the future of mobility. If you’re looking for the chance to leverage advanced technology to redefine the transportation landscape, enhance the customer experience and improve people’s lives, this is the opportunity for you. Join us and challenge your IT expertise and analytical skills to help create vehicles that are as smart as you are.

We are seeking a SaaS Security Manager to spearhead our efforts in securing the growing portfolio of Software-as-a-Service (SaaS) applications utilized across the enterprise. The ideal candidate will possess a strong technical background in SaaS security, proven leadership capabilities, demonstrable relationship-building skills, and deep expertise in specific areas including SaaS Security Posture Management (SSPM), Cloud Access Security Brokers (CASB), vendor risk management, and the application of security frameworks like NIST 800-53 to SaaS environments.

This role involves supervising a team of SaaS security professionals, overseeing the implementation and management of security controls within and around SaaS applications, ensuring compliance with both corporate and regulatory requirements, and contributing to the overall security posture of our enterprise SaaS ecosystem. The SaaS Security Lead will be responsible for strategic planning, operational oversight of owned tools, security and operational incident resolution when needed, as well as collaborating with business partners and application owners to apply controls in a way that achieves security objectives while facilitating business adoption.

What you'll do...

*Supervise, mentor, and develop a team of SaaS security engineers and analysts, fostering professional growth and maintaining high team performance.

*Manage day-to-day SaaS security operations, including continuous monitoring of SaaS application configurations, user activity, and integrations for security risks.

*Design, implement, and maintain robust security controls and policies aligned with organizational requirements and industry best practices for SaaS applications.

*Oversee the configuration, monitoring, and utilization of SaaS Security Posture Management (SSPM) tools to identify and remediate misconfigurations, excessive permissions, and compliance gaps across the SaaS landscape.

*Lead the assessment and management of security risks associated with third-party SaaS vendors, including due diligence, contract reviews, and continuous monitoring of vendor security posture and compliance.

*Ensure the secure integration of SaaS applications, focusing on API security, secure authentication (e.g., SSO, MFA), and data flow protection.

*Ensure SaaS application compliance with regulatory and internal requirements, with a specific focus on interpreting, implementing, and documenting controls based on frameworks such as NIST 800-53, SOC 2, and ISO 27001 as applied to SaaS.

*Support SaaS-specific security incident response activities – when requested by Cyber Defense leadership – ensuring effective containment, analysis, and resolution for incidents involving SaaS applications.

*Collaborate effectively with engineering, operations, procurement, legal, and business teams to integrate security throughout the SaaS application lifecycle, from selection and onboarding to offboarding.

*Develop and present reports on the SaaS security posture, vendor risk, compliance status, and key security initiatives in existing Governance Forums.

*Stay abreast of the latest security threats, vulnerabilities, and security best practices relevant to SaaS applications and their underlying cloud platforms.

You'll have... 

*Bachelor's degree in Computer Science, Software Engineering, or a related field (or equivalent practical experience).

*Minimum of 5 years of experience in information security, with at least 3 years in a leadership capacity.

*Demonstrable hands-on experience securing a diverse portfolio of production SaaS applications and managing SaaS vendor security.

*Strong understanding of core SaaS security concepts, including shared responsibility model, Identity and Access Management (IAM) for SaaS, data protection (DLP, encryption) in SaaS, API security, and secure configuration management.

*Extensive hands-on experience utilizing and managing SaaS Security Posture Management (SSPM) tools and/or Cloud Access Security Brokers (CASB) for security posture management, threat detection, and compliance assessment.

*Proven experience conducting security assessments and due diligence for third-party SaaS vendors.

*Direct experience interpreting, implementing, and documenting controls based on frameworks like NIST 800-53, SOC 2, or ISO 27001 as applied to SaaS environments.

*Experience with security tools and services relevant to SaaS (e.g., SSPM platforms, CASBs, Identity Providers, vendor risk management platforms, API security gateways).

*Solid understanding of common security frameworks and standards (e.g., SOC 2, ISO 27001, NIST 800-53, GDPR, CCPA).

*Excellent leadership, communication, and interpersonal skills, with the ability to effectively articulate technical concepts and security risks to diverse audiences.

Even better, you may have...

*A candidate with multiple years of experience securing specific business functions (e.g., HR, Finance, Marketing) that heavily leverage SaaS applications, able to articulate a mature view on the tradeoffs between security and usability.

*Experience with automating security tasks for SaaS applications via APIs and scripting languages (e.g., Python, PowerShell, Bash).

*Knowledge of DevSecOps principles and integrating security into the SaaS adoption and management lifecycle.

*Familiarity with secure access service edge (SASE) or zero trust network access (ZTNA) solutions for secure connectivity to SaaS services.

You may not check every box, or your experience may look a little different from what we've outlined, but if you think you can bring value to Ford Motor Company, we encourage you to apply!

As an established global company, we offer the benefit of choice. You can choose what your Ford future will look like: will your story span the globe, or keep you close to home? Will your career be a deep dive into what you love, or a series of new teams and new skills? Will you be a leader, a changemaker, a technical expert, a culture builder…or all of the above? No matter what you choose, we offer a work life that works for you, including:

• Immediate medical, dental, vision and prescription drug coverage

• Flexible family care days, paid parental leave, new parent ramp-up programs, subsidized back-up child care and more

• Family building benefits including adoption and surrogacy expense reimbursement, fertility treatments, and more

• Vehicle discount program for employees and family members and management leases

• Tuition assistance

• Established and active employee resource groups

• Paid time off for individual and team community service

• A generous schedule of paid holidays, including the week between Christmas and New Year’s Day

• Paid time off and the option to purchase additional vacation time. 

For a detailed look at our benefits, click here: fordcareers.co/LL6HTHD

This position is a leadership level 6. 

Visa sponsorship is not available for this position.

Candidates for positions with Ford Motor Company must be legally authorized to work in the United States. Verification of employment eligibility will be required at the time of hire.

We are an Equal Opportunity Employer committed to a culturally diverse workforce. All qualified applicants will receive consideration for employment without regard to race, religion, color, age, sex, national origin, sexual orientation, gender identity, disability status or protected veteran status. In the United States, if you need a reasonable accommodation for the online application process due to a disability, please call 1-888-336-0660.

#LI-Remote 
#ah1