To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Enterprise Technology & Infrastructure

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team - Original Platform Compliance (OPC)
The GRC Security Compliance team is leading the execution, facilitation and management of Security Compliance certification programs across the company that our customers depend on. The role will be heavily passionate about evaluating technology controls, supporting audits for the companies certification programs and acting as a compliance domain authority on multiple first-party and public cloud-hosted business units. The Senior Analyst will support a variety of external audits and evaluations, such as: ISO 27001/17/18, SOC1/2/3, HIPAA, PCI, and HITRUST. This role will also work directly with our internal engineering teams on current and future capabilities that could affect the compliance of our products!

Impact - Responsibilities:

• Plan, coordinate and implement work assignments with process/control owners and external auditors

• Perform compliance readiness testing, document results, and provide updates to the Security management, and internal partners (Engineering, Sales, Product Management, Legal, etc.)

• Run the timely and high-quality execution of GRC landmarks.

• Advise process & control owners with the preparation and on-going maintenance of controls and control documentation (e.g., policies, procedures, narratives, and matrices)

• Proactively identify gaps or conflicts in existing policies and processes and work to develop solutions with internal business partners.

• Assist with and drive remediation of process and control deficiencies and gaps identified internally and externally

• Educate and train process/control owners so they better understand the security controls framework and their responsibilities

• Evaluate and advise on new and evolving certification programs and technology.

• Build positive relationships with business partners and facilitate continuous improvement aligned with operational processes.

• Optimally communicate program execution status, key accomplishments, and risks to senior management both within Security and to our business partners.

Minimum Qualifications:

• BA or BS in Computer Science or any related subject area, or 3+ years of experience

• In-Depth technical background with a good understanding of security concepts and practical usage (Network Engineering, Network Security, Threat and Vulnerability Management, Database, SDLC, and Release Management)

• Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Infrastructure as a Service (IaaS) environments

• Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as ISO 27001, SOC, HIPAA, PCI, HITRUST, and FedRAMP

• Prior experience with certification frameworks such as Protected B, K-ISMS, C5 is a plus

• Possess a “whatever it takes to get the job done” mentality (i.e., pick up the phone, stop by a desk, follow-up multiple times)

• Validated security experience in IT audit or advisory

Required Qualifications:

• Analytical problem solver with strong organizational skills; attention to detail is a must

• Ability to work efficiently with minimal oversight/direction

• Excellent written and verbal communication skills; ability to effectively communicate across all levels of the Company

• Strong cross team collaboration skills

• Ability to travel up to 10%

Preferred Qualifications:

• certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK) are a plus

*LI-Y

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

For Colorado-based roles, the base salary hiring range for this position is $114,200 to $157,100.

For Washington-based roles, the base salary hiring range for this position is $125,700 to $172,800.

For California-based roles, the base salary hiring range for this position is $137,100 to $188,600.

Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.