Staff Enterprise Application Engineer

Senior Manager - Information Security

We are seeking a Staff Enterprise Application Engineer to own, operate, and evolve our growing portfolio of enterprise SaaS applications. This is a high-impact, cross-functional role sitting at the intersection of IT, HR, Security, Finance, and Engineering. You will be the subject matter expert across our core enterprise platforms — including HRIS, Identity & Access Management (IAM), workflow automation, and a broad range of business-critical SaaS tools — ensuring they are well-integrated, secure, reliable, and aligned with organisational needs.

You will lead the technical design and implementation of application integrations, automation workflows, and process improvements, while partnering with business stakeholders to translate operational requirements into scalable technical solutions

What You Will Bring to ChargePoint

Enterprise Application Ownership

• Act as the primary technical owner for the organisation's enterprise application portfolio — covering HRIS, IAM, IT Service Management (ITSM), Finance, Legal, and Productivity platforms.
• Manage the full application lifecycle: procurement support, onboarding, configuration, upgrades, and decommissioning.
• Maintain comprehensive documentation for all managed applications — architecture diagrams, integration maps, configuration guides, and runbooks.
• Establish and enforce application governance standards, change management processes, and release cadences.
• Serve as the escalation point for complex application issues; coordinate with SaaS vendors on support tickets, roadmap discussions, and contract renewals.

HRIS & HR Technology

• Administer and optimise the organisation's HRIS platform (e.g., Workday, BambooHR, HiBob, SAP SuccessFactors, or equivalent), including configuration of core HR modules — employee records, onboarding/offboarding, organisational hierarchy, compensation, and reporting.
• Design and maintain integrations between the HRIS and downstream systems such as payroll, identity providers, collaboration tools, and finance platforms.
• Partner with HR, Finance, and People Operations teams to automate manual processes and improve data accuracy across the employee lifecycle.
• Manage HRIS data integrity, access controls, and audit trails in line with data privacy requirements (GDPR, CCPA, or applicable regulations).

Identity & Access Management (IAM)

• Design, implement, and maintain IAM solutions including Single Sign-On (SSO), Multi-Factor Authentication (MFA), and lifecycle management (joiner/mover/leaver) workflows.
• Administer identity providers such as Okta, Azure Active Directory (Entra ID), OneLogin, or Ping Identity — including application integrations, SAML/OIDC/SCIM configurations, and conditional access policies.
• Own user provisioning and de-provisioning automation across the SaaS application estate, ensuring timely access changes aligned with HR events.
• Define and enforce Role-Based Access Control (RBAC) and Attribute-Based Access Control (ABAC) policies across enterprise applications.
• Conduct regular access reviews and certifications; ensure compliance with least-privilege principles and audit requirements.

Workflow Automation & Integration

• Design and build workflow automations and application integrations using platforms such as Workato, Zapier, MuleSoft, Boomi, Tray.io, or native iPaaS tools.
• Develop integrations between enterprise applications using REST APIs, GraphQL, webhooks, and SCIM protocols.
• Automate employee lifecycle events — provisioning, deprovisioning, role changes, onboarding tasks — triggered by HRIS events and propagated across the application stack.
• Build self-service workflows and approval processes using ITSM and workflow tools (ServiceNow, Jira Service Management, or equivalent).
• Monitor integration health, manage error handling, and maintain data consistency across connected platforms.

SaaS Application Portfolio Management

• Manage and optimise a broad portfolio of SaaS applications across functions including collaboration (Slack, Microsoft 365, Google Workspace), project management (Jira, Asana, Monday.com), CRM (Salesforce, HubSpot), ITSM (ServiceNow, Freshservice), security (Okta, CrowdStrike), and finance (NetSuite, Coupa, Expensify).
• Evaluate new SaaS tools requested by business teams — conduct vendor assessments, security reviews, and proof-of-concept deployments.
• Manage SaaS licence optimisation — track utilisation, identify waste, and work with Finance to right-size entitlements.
• Ensure all SaaS applications meet security and compliance standards (SSO enforcement, MFA, data retention, vendor risk assessments).

Security, Compliance & Data Governance

• Embed security best practices across the enterprise application estate — SSO enforcement, MFA, API key management, and data classification.
• Ensure applications comply with relevant frameworks and regulations (SOC 2, ISO 27001, GDPR, HIPAA where applicable).
• Maintain an accurate application inventory including data flows, integration dependencies, and data residency information.
• Collaborate with the Security and Legal teams on vendor risk assessments, Data Processing Agreements (DPAs), and third-party audits.

Stakeholder Engagement & Leadership

• Partner with HR, Finance, Legal, Engineering, and IT leadership to understand business needs and translate them into scalable application and integration solutions.
• Lead cross-functional projects involving enterprise application rollouts, migrations, and consolidations.
• Mentor junior application engineers and IT analysts; define team standards and best practices.
• Communicate technical concepts clearly to non-technical stakeholders; present solution proposals and project status to leadership.

• 7–9 years of hands-on experience in enterprise application engineering, IT systems administration, or a closely related discipline.
• Proven expertise administering and integrating HRIS platforms (Workday, BambooHR, HiBob, SAP SuccessFactors, or equivalent) including core HR modules and data integrations.
• Deep experience with IAM platforms — Okta, Azure AD/Entra ID, or equivalent — including SSO (SAML, OIDC), SCIM provisioning, MFA, and conditional access.
• Hands-on experience with workflow automation and iPaaS tools such as Workato, Zapier, MuleSoft, Boomi, or Tray.io.
• Strong working knowledge of a broad range of enterprise SaaS applications across HR, IT, Finance, Collaboration, and Security domains.
• Solid understanding of REST APIs, webhooks, OAuth 2.0, SAML, OIDC, and SCIM for application integration.
• Proficiency in at least one scripting language (Python, JavaScript/Node.js, or Bash) for automation and API interaction.
• Strong project management skills — ability to manage multiple concurrent initiatives, stakeholders, and delivery timelines.
• Excellent written and verbal communication skills; ability to produce clear documentation and present to senior stakeholders.

• Experience with ServiceNow — ITSM configuration, workflow development, or application integration.
• Familiarity with Salesforce administration or integration.
• Exposure to Google Workspace or Microsoft 365 administration at an enterprise scale.
• Experience with privileged access management (PAM) tools (CyberArk, BeyondTrust, or similar).
• Knowledge of SaaS spend management platforms (Torii, BetterCloud, Zylo, or Blissfully).
• Experience conducting vendor security assessments and managing DPAs and third-party risk.
• Relevant certifications: Okta Certified Administrator/Consultant, Workday HCM, ITIL Foundation, AWS Cloud Practitioner, or equivalent.
• Background in high-growth tech, FinTech, or enterprise SaaS companies

Gurgaon/Remote