Salesforce - Herndon, VA
posted about 2 months ago
Full-time - Mid Level
Herndon, VA
Publishing Industries
About the position
The Information Security Engineer at Salesforce is responsible for leading initiatives related to information security within the Government Cloud Division. This role requires innovation, operational excellence, and the ability to advise business partners on compliance with DoD and Intel requirements. The engineer will work with various security pillars, focusing on continuous improvement and automation to enhance security processes and mitigate risks.
Responsibilities
- Drive existing or newly identified initiatives between partner organizations finding opportunities to collaborate and reducing risk of non-compliance with internal or external requirements
- Support organizational change activities with federal authorization bodies
- Support multiple security pillars within Salesforce Government Cloud Division including but not limited to, controls assessment, evidence automation, continuous monitoring activities, configuration management, incident response, advisory, adoption of AI, vulnerability management, and security documentation
- Consult with business or security customers on information security requirements and applicability to their business processes, products, or services
- Create and maintain relationships with key business, legal, Employee Success, Internal Audit, technical/engineering partners, and other organizations throughout the company who guide in security requirements and solution management
- Focus on continuous improvement of operational processes and designing innovative and automated functionality for added efficiency
- Optimally communicate accreditation programs to applicable business partners
- Perform risk management reviews and work across the organization to identify and mitigate security compliance risks.
Requirements
- Active TS/SCI clearance with polygraph required
- Minimum 5 years of experience in information security, cybersecurity, accreditation, and other security related areas
- Experience working with Government Cloud environments such as AWS, Azure, GCP (SaaS, IaaS, PaaS etc)
- Experience in security related analysis, creating metrics and dashboards and summarizing large data sets
- Ability to work with both business and technical areas and translate between the two areas
- Skilled at building rapport and establishing partnerships
- Technical background to translate security requirements to engineers responsible for implementation
- Excellent verbal and written communication skills and ability to communicate results to multiple levels of management
- Knowledge of DoD and Intelligence community frameworks (ICD-503, DoD IL6)
- Demonstrated desire to learn new skills and innovate
- Agile, proactive, comfortable working with ambiguous specifications and can prioritize quickly and effectively
- Good interpersonal, relationship, and organizational skills
- Excellent analytical and process development skills
- Detail oriented with quality approach
- Drive improvements in existing processes and develop new innovative and efficient solutions
- Ability to work effectively with a wide range of individuals including developers, systems administrators, executives, customers, regulators, auditors, etc.
Nice-to-haves
- Knowledge of, or experience working with, Cloud technologies/environments
- CISSP, CISA, CISM, AWS or similar certifications a plus
Benefits
- Equal pay
- Employee resource groups
- Inclusive benefits
