SaaS Security Manager

About the Job BluOcean Cyber is seeking a SaaS Security Manager to help design, lead, and mature security programs across enterprise SaaS environments. This role is ideal for a senior security leader who combines hands-on architecture depth, consulting delivery experience, and the ability to build and lead high-performing security engineering teams in a fast-moving startup environment. You will serve as a trusted advisor, solution architect, delivery lead, and team leader across complex client engagements.

You will help organizations identify risk, modernize security controls, build scalable security programs, and improve their security posture across SaaS application environments. The ideal candidate brings strong foundational expertise in cloud and application security, the ability to lead cross-functional efforts, and the curiosity and adaptability to grow into deeper specialization across SaaS security and SaaS Security Posture Management. This is a leadership role for someone who can see the bigger picture, translate strategy into executable plans, build repeatable delivery capabilities, and lead teams toward measurable outcomes.

What You’ll Do Lead the architecture and design of security programs across enterprise SaaS environments. Design secure reference architectures, implementation frameworks, control models, and reusable methodologies for SaaS, cloud, application, and product security. Evaluate SaaS platforms, cloud-connected applications, APIs, integrations, and identity models for misconfigurations, excessive permissions, insecure integrations, weak control coverage, and operational risk.

Advise CISOs, security leaders, engineering teams, product teams, IT teams, and business stakeholders on practical approaches to reducing risk across modern technology environments. Serve as a Manager-level technical and delivery leader for client engagements, guiding security engineers, consultants, and stakeholders through assessments, architecture decisions, control implementation, and operational maturity initiatives. Act as a solution architect and delivery lead, owning engagement design, technical direction, delivery quality, stakeholder alignment, and measurable client outcomes.

Lead SaaS security programs and workstreams from strategy through execution, including scope definition, roadmap creation, technical leadership, resource coordination, progress tracking, and outcome measurement. Develop security roadmaps, maturity models, executive-ready recommendations, business cases, and implementation plans for client environments. Build, mentor, and lead security engineering teams, helping strengthen technical depth, delivery discipline, consulting maturity, and overall team capability.

Partner with internal leadership to build repeatable offerings, delivery playbooks, architecture patterns, technical enablement materials, and client-facing collateral. Help BluOcean scale its consulting delivery model by bringing structure, rigor, ownership, and strong client-service practices into a high-growth startup environment. Support the integration of security tooling and workflows across SaaS security tools, cloud-native security platforms, SIEM, SOAR, ITSM, CI/CD, vulnerability management, and identity systems.

Translate complex technical findings into clear, actionable guidance for technical teams, executives, and business stakeholders. What You’ll Need — Required 8–12 years of progressive cybersecurity experience, including meaningful hands-on experience in cloud security, application security, product security, security architecture, security engineering, or security consulting. Experience working in or with firms such as Deloitte, EY, KPMG, PwC, Accenture, or similar consulting organizations.

Strong architecture-level knowledge of cloud security across AWS, Azure, or Google Cloud, including IAM, logging, monitoring, encryption, secure configuration, and least privilege. Experience designing or leading security improvements for applications, products, APIs, cloud-hosted services, SaaS platforms, or modern engineering environments. Demonstrated ability to build, guide, and lead security engineering teams, including mentoring team members, improving delivery practices, and raising technical quality.

Proven experience serving as a solution architect or lead delivery owner for security programs, assessments, implementations, or transformation initiatives. Experience leading a security program, technical workstream, or cross-functional initiative, including setting direction, coordinating contributors, tracking progress, and driving outcomes. Experience applying security frameworks and control models such as NIST CSF, NIST 800-53, ISO 27001, SOC 2, CIS Benchmarks, CSA CCM, or similar.

Strong consulting presence and communication skills, with the ability to explain architecture decisions, risk tradeoffs, and program priorities to both technical and non-technical audiences. High ownership, accountability, and follow-through, with the ability to lead ambiguous work, create structure, and move teams toward completion. Comfort operating in a startup environment where priorities evolve quickly, ownership is high, and leaders are expected to be hands-on when needed.

What Sets You Apart — Preferred Experience securing enterprise SaaS platforms such as Microsoft 365, Salesforce, Google Workspace, ServiceNow, Workday, GitHub, or similar environments. Hands-on experience with SaaS Security Posture Management tools such as AppOmni, Falcon Shield, Obsidian Security, Reco, DoControl, Normalyze, or similar platforms. Experience leading or supporting SaaS security posture management programs, including SaaS misconfiguration management, identity risk, excessive permissions, OAuth app review, and third-party integration risk.

Experience with infrastructure-as-code security, CI/CD security, container security, Kubernetes security, or product security programs. Proficiency with scripting or automation using Python, PowerShell, Bash, APIs, or similar tools. Experience building dashboards, metrics, control monitoring, compliance automation, or executive reporting for security programs.

Experience developing reusable consulting methodologies, delivery frameworks, technical enablement, or go-to-market security offerings. Relevant certifications such as CCSP, CCSK, CISSP, AWS Security Specialty, Azure Security Engineer, Google Professional Cloud Security Engineer, CSSLP, or similar. Why Join BluOcean Cyber BluOcean Cyber is building at the forefront of the SaaS and modern security transformation.

This is an opportunity to step into a leadership role where you will not just advise clients, but help shape how security programs are architected, delivered, and scaled. You will work with ambitious clients, complex environments, and a team that values ownership, technical depth, speed, and practical impact. If you are ready to lead in a high-growth startup environment and bring structure, delivery excellence, and technical leadership to a growing team, this role offers the opportunity to build, influence, and deliver at a meaningful scale.

If you are passionate about building resilient SaaS security environments — and you are ready to lead from the front — we want you on our team. Compensation CTC: INR 40–60 LPA , based on experience, expertise, and fit. Apply now.