Overview

Salesforce is world’s #1 CRM business and Trust is our #1 value. We commit to Trust by upholding the highest engineering and security standards for our network security posture.

Position Overview:

Salesforce is looking to hire a lead infrastructure compliance resource who will act as a tour guide for our external auditors through our controls frameworks which are used to govern our infrastructure.  Salesforce has an ever-expanding set of security and compliance requirements as we explore new markets and new verticals.  We strive to meet and exceed these requirements and always support our customer needs in the area of security and compliance.  Trust is our #1 value.  A candidate for this role will have an understanding of technology perhaps with a background as an engineer in the field.  This knowledge and background will be used to interpret our existing infrastructure and determine how that infrastructure meets the needs of various compliance frameworks.  Additionally, the ability to translate our technological solutions into plain English for our external auditors and compliance documentation is critical.

Job Functions:

  • Work with our team to maintain existing external compliance certifications:  PCI, SOC, SOX, FedRAMP etc.
  • Grow and adapt the compliance universe at Salesforce to make it more self- service with less engineering impactIdentify areas for continuous controls monitoring (data feeds, automation, etc.)
  • Work with Risk Management to determine critical controls based on risk to the company
  • Review device configuration output to determine state of compliance
  • Work with engineers to determine preventative, detection, and alerting mechanisms across the infrastructure controls and processes
  • Drive towards common processes, practices, tools, and metrics to improve the risk posture
  • Assist with the education and training of process/control owners for them to better understand the technology controls and their responsibilities to them

Qualifications and Experience:

  • Compliance and Information Security experience with 5+ years combined Compliance, risk, security and technology experience.
  • An understanding of the following compliance standards:  SOC, ISO, PCI, FedRAMP.  Citing chapter and verse not required but an overview set of what each framework is focused on is key.
  • Prior experience with technical controls auditing or security reviews
  • Prior experience working with systems in a production setting in order to facilitate the ability to review configurations of controls.
  • Prior experience working in a cloud environment.
  • Ability to work amongst a team in time-critical situations as well as individually to complete projects and personal development work.
  • Excellent verbal and written communication skills. Must be able to effectively articulate our message and effectively communicate across all levels of the Company.
  • Proactively works with and can influence a wide range of individuals like developers, executives, customers, regulators, and specifically our engineering partners.
  • Results-driven, solutions-oriented and comfortable in a fast-paced environment with competing priorities.
  • Exceptional customer service skills, including the desire to make others successful.
  • Analytical thinker with strong organizational skills; attention to detail is a must.
  • Flexibility in work schedule to address peaks and valleys in work cycle
  • Optional:  Certifications:  CISA, CRISC, CISSP, CISM

Company Overview: Salesforce, the Customer Success Platform and world’s #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and one of the top 5 largest cloud business providers. Together, with our whole Ohana (Hawaiian for “family”) made up of our employees, customers, partners and communities, we are working to improve the state of the world.

Posting Statement: Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.