Sr. Analyst I

Benefits

Additional Information

As one of the world's leading independent global investment firms, Invesco is dedicated to rethinking possibilities for our clients. By delivering the combined power of our distinctive investment management capabilities, we provide a wide range of investment strategies and vehicles to our clients around the world. If you're looking for challenging work, intelligent colleagues, and exposure across a global footprint, come explore your potential at Invesco. Job Description Job Purpose (Job Summary): This role is responsible for maintaining and strengthening the security posture of SaaS applications and remediating Data Loss Prevention (DLP) and vulnerability findings across the organization. Core responsibilities include continuous security monitoring, configuration hardening, reporting and tracking vulnerability findings, and partnering with technology owners to drive timely remediation. The role also supports risk reporting and the operationalization of new vulnerability management capabilities for SaaS and that prevents data loss and data misuse across both on‑premises and cloud environments. This position serves as a security subject matter expert, collaborating with technology and business partners to manage findings and implement effective security controls that protect Invesco's data and network. Key Responsibilities / Duties: Continuously monitor SaaS applications for misconfigurations, risky user behavior, or other deviations against application security baselines. Review and remediate SaaS security findings based on industry benchmarks prioritizing vulnerabilities using risk‑based strategies and contextual intelligence. Conduct periodic SaaS posture audits and prepare reports for leadership. Support SaaS onboarding projects with security configuration reviews. Collaborate with IAM, AppSec, SecOps, and Engineering teams to drive secure SaaS adoption. Track and report SaaS security KPIs and risk scores. Monitor DLP alerts and investigate incidents across storage and applications used by Invesco. Conduct risk reviews and operationalize data vulnerability management processes across the organization. Prepare dashboards and compliance reports. Provide user awareness on secure data practices. Lead DLP‑related identified vulnerabilities and remediation plans. Provide internal remediation support through the design, implementation and integration of network infrastructure and information security controls. Other duties as assigned. Work Experience / Knowledge: 8+ years of Information Security or relevant experience. Solid understanding of SaaS security and controls frameworks. Experience with SSPM tools. Strong knowledge of OAuth apps, API tokens, SSO, SCIM provisioning, and RBAC models. Familiarity with large SaaS platforms. Good knowledge of standards: CIS Benchmarks, CSA CMM, SOC2, ISO 27001. Ability to analyze alerts, risks, and configurations including usage of automation to scale. Hands-on experience with enterprise DLP platforms. Strong understanding of data classification, labeling, and protection frameworks. Building mature vulnerability management processes for new vulnerability domains. Other Skills Required: Good interpersonal skills (written and oral communication) and ability to articulate complex issues to executives and customers Make data-driven and fact-based decisions using individual judgement and problem solving. Ability to communicate technical information clearly and concisely, commensurate with the audience Strong analytical skills with ability to define, collect, analyze data, establish facts, draw valid conclusions, and make sound decisions. Conceptual thinking and communication skills - the ability to conceptualize complex business and technical requirements into comprehensible models and templates. Must be a team player and motivated self-starter with ability to work independently and remotely with limited supervision. Maintain strict confidentiality of all security issues including legal investigations, Compliance, and HR data requests License / Registration / Certification: Preferred certification: AWS Cloud Practitioner/CCSP - Certified Cloud Security Professional (ISC²)/ CISSP Full Time / Part Time Full time Worker Type Employee Job Exempt (Yes / No) Yes Workplace Model At Invesco, our workplace model supports our culture and meets the needs of our clients while providing flexibility our employees value. As a full-time employee, compliance with the workplace policy means working with your direct manager to create a schedule where you will work in your designated office at least three days a week, with two days working outside an Invesco office. Why Invesco In Invesco, we act with integrity and do meaningful work to create impact for our stakeholders. We believe our culture is stronger when we all feel we belong, and we respect each other's identities, lives, health, and well-being. We come together to create better solutions for our clients, our business and eac

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at invesco? Share your experience