Overview

Join Salesforce’s world class Security organization and be part of our talented and highly technical global Enterprise Security team.
Our team conducts technical security testing, performs risk assessments, and provides business risk guidance on a wide variety of infrastructure technologies such as operating systems (Mac, Linux, Windows, ChromeOS, iOS, Android), devices (mobile, embedded technologies, IOT), networks (wired, wireless, cloud), and applications (endpoint, mobile, web, cloud).

This role is for a seasoned information security professional who will lead projects, provide security guidance, mentor junior staff, and maintain a high technical skillset in a diverse and changing enterprise environment. You have a deep technical curiosity and thrive when given opportunity to analyze and investigate. You will also be instrumental in building relationships across the organization to help champion and influence security for Salesforce.

Salesforce.com is consistently on the “Best Places to Work” list and we’re looking for a dynamic, energetic, critical thinker with a track record of learning and thriving in a challenging work environment.

Responsibilities:

– Perform security assessments of a large variety of network environments and technologies… think vulnerability assessments, penetration tests, risk analysis, architecture review, and just plain creative thinking
– Evaluate cloud and traditional network environments (i.e. AWS, Azure, etc.) to determine security risk, providing guidance to both technical and business leaders… how secure is that cloud
– Define and develop technical security standards and guidelines in collaboration with other security staff
– Evaluate risk of enterprise network architectures, interconnected infrastructure environments, connected devices and propose requirements for reducing security risks
– Research new technologies, emerging threats and vulnerabilities for strategic planning and business processes improvements
– Collaborate with infrastructure engineering teams and corporate business units to drive solutions through a secure development lifecycle (influencing architecture, design, road-map development, growth strategies, budgets, and business process integration)
– Recommend enhancements to Enterprise Security procedures and identify process improvement opportunities

Required Skills & Certifications:

– Relevant BA/BS degree and at least 3-5 years experience in a security role covering at least three of the following areas: application whitelisting, security engineering, incident response/handling, penetration testing, intrusion detection, firewallaccess control technologies, risk management, identity management, Windows, Mac or Linux security, encryption technologies, or endpoint security control
– Solid understanding of key network protocols and concepts such as TCP/IP, MPLS, SSH, SSL/TLS, IPSec
– Familiarity with Intrusion Detection/Prevention Systems (IDS/IPS), Application Layer Firewalls, L3/L4 Firewalls, and Host Based security systems
– Excellent organizational, problem solving and time management skills, as well as attention to detail. Must be able to work on multiple tasks concurrently and re-prioritize work independently as neede
– Strong focus on professionalism with excellent written and oral communication skills
– Ability to communicate complex technical and programmatic information, often in the form of verbal and visual communication, situation reports and briefings
– A commitment to learning and never ending curiosity of all things security

Bonus Points:

– Pen testing, incident response and/or threat modeling experience
– Hands on experiencing designing solutions in and performing security testing in cloud infrastructure environments (AWS, Azure, Google Cloud)
– Industry certifications in security, technology, and/or business management (for example: CISSP, OSCP, GIAC, GPEN, CCIE, CCNP/CCSP, JNCIE)
– Experience performing detailed network traffic analysis, architecture review, and engineering network security solutions
– Working knowledge of modern federated authentication and authorization standards such as SAML, OAUTH
– Experience writing security white papers and/or presenting at industry security conferences and events

Salesforce, the Customer Success Platform and world’s #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole Ohana (Hawaiian for “family”) made up of our employees, customers, partners, and communities, we are working to improve the state of the world!​

 

 

 

Posting Statement
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.