To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category Products and Technology
Salesforce Security, Governance, Risk, and Compliance (GRC) Team is responsible for enterprise wide GRC ensuring Salesforce leadership has the information needed to make strategic risk-based decisions enabling the achievement of Salesforce business objectives globally. Our team builds and deploys common governance, risk, and compliance processes, controls, conducts audits, and ensures that technologies and business operations structured and configured for data protection and compliance.
This team is responsible for the execution, facilitation and management of Security GRC certification programs across the company that our customers depend on. The role will be heavily focused on evaluating technology controls, supporting audits for the companies certification programs and acting as a compliance subject matter expert to the business. Specifically dealing with public cloud based platforms such as AWS, Azure, and GCP.
- 4+ years experience in performing and running audits, certification programs and control assessments, including but not limited to scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results.
- Strong knowledge of and experience in security risk management and with frameworks including related regulatory compliance requirements (e.g., SOC 1/2, HITRUST, FedRAMP, PCI) required (internal audits is a different department/posting)
- Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management
- Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage (e.g., RPA, data analytics)
- Strong ability to define, drive and execute a program vision, strategy, approach and milestones in alignment with organization priorities and initiatives
- Strong ability to assess the big picture, connect the dots and apply to tasking
- Execution oriented, results-driven, and a self-motivator
- Excellent interpersonal, relationship, collaboration and influencing skills
- Excellent critical-thinking and organizational skills
- Excellent program management skills, including but not limited to resourcing, capacity planning and budgeting
- Excellent presentation, facilitation, executive reporting and communication skills
- Strong knowledge of or experience with capability maturity models (e.g., CMMI) and innovation skills
- Knowledge of or experience working with Agile methodology and GRC tools (Metricstream, Archer, etc.)
- Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required.
- Relevant BA/BS degree and/or certifications (e.g., CRISC, CISSP, CCIE, CISM, CISA, CCSK)
- You have built productive relationships with stakeholders, including Technical Operations, Security Operations, Technical Compliance, etc..
- PCI, SOC 1/2 are most needed frameworks.
- AWS Certifications
For Colorado-based roles: Minimum annual salary of $110,000. You may also be offered a bonus, restricted stock units, and benefits. More details about our company benefits can be found at the following link: https://www.getsalesforcebenefits.com/
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form .
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org .
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.