Senior Security Analyst – SaaS & DLP

About the role

Invesco is seeking a Senior Security Analyst to strengthen the security posture of its SaaS applications and manage data loss prevention across the organization. The role focuses on continuous monitoring, vulnerability remediation, and the operationalisation of new security capabilities in both cloud and on‑premises environments.

Key responsibilities

• Continuously monitor SaaS applications for misconfigurations, risky user behaviour and deviations from security baselines.
• Review, prioritise and remediate SaaS security findings using risk‑based strategies and industry benchmarks.
• Conduct periodic SaaS posture audits and produce reports for leadership.
• Support SaaS onboarding projects with security configuration reviews.
• Collaborate with IAM, AppSec, SecOps and Engineering teams to drive secure SaaS adoption.
• Track and report SaaS security KPIs and risk scores.
• Monitor DLP alerts, investigate incidents and lead remediation plans.
• Develop dashboards, compliance reports and user awareness material on secure data practices.
• Provide internal remediation support through design and integration of security controls.

Required profile

• 8+ years of experience in information security or a related field.
• Strong understanding of SaaS security frameworks and controls.
• Experience with SaaS Security Posture Management (SSPM) tools.
• Knowledge of OAuth, API tokens, SSO, SCIM provisioning and RBAC models.
• Familiarity with large SaaS platforms and standards such as CIS Benchmarks, CSA CMM, SOC 2 and ISO 27001.
• Ability to analyse alerts, risks and configurations and to automate security processes.
• Hands‑on experience with enterprise DLP platforms.

Required skills

• SaaS security
• SSPM tools
• OAuth
• API tokens
• Single Sign‑On (SSO)
• SCIM provisioning
• Role‑Based Access Control (RBAC)
• CIS Benchmarks
• CSA Cloud Controls Matrix (CSA CMM)
• SOC 2
• ISO 27001
• Data Loss Prevention (DLP) platforms
• Risk analysis
• Security automation