Senior, or Lead Incident Handler
- Herndon, VA
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category Products and Technology
Job Details Salesforce has one of the best Information Security teams in the world and growing this piece of the business is a top priority! Our Information Security teams work hand in hand with the business to ensure the highest security around all of our applications. The GovCloud Computer Security Incident Response Team (CSIRT) is responsible for 24x7x365 security monitoring and rapid incident response across all GovCloud Salesforce and acquisition environments. This team protects the confidentiality, integrity, and availability of company and customer data.
As a key member of our growing GovCloud CSIRT, Incident Handlers will work on the ‘front lines’ of the Salesforce Government Cloud environment, leading a team that protects our critical infrastructure and our customers’ data from the latest information security threats.
The Incident Handler is responsible for security operations, including real-time analysis of security alert data and leading the response to potential security incidents. Incident Handlers will also work on compliance projects, and enhancements to detection and incident response capabilities. We have a strong team environment where knowledge sharing is encouraged.
This position is based in our 24x7 operations center. As a result, shift work (including on weekends, as needed) is required.
- Active TS/SCI clearance
- Strong problem solving ability to identify solutions to encountered or anticipated challenges
- Robust technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
- Drive incidents to resolution with an appropriate sense of urgency
- Strong interpersonal and communication skills required for coordinating responses to complex incidents across the organization with many stakeholders
- Ability to manage time and professional interactions well
- Ability to deliver quality work products with aggressive deadlines while balancing multiple priorities
- Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
- Technical security background and understanding of network fundamentals and common Internet protocols.
- Technical understanding of AWS or GCP administration and security controls.
- Familiarity with incident response and security operations within public cloud environments.
- The ability to manage the response to high priority, high visibility operational security issues.
- 7+ years experience in the Information Security field.
- Prior experience in a fast paced operational environment
- Professional demeanor even in high stress situations
- Operational experience monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs.
- Operational experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections.
- System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
- Openness to shift work in a 24x7x365 operations environment.
- Relevant information security certifications, such as CISSP, CERT CSIH, GCIH or other SANS certifications.
Accommodations - If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org.
Salesforce welcomes all.
Back to top