Lead and/or contribute to security design of Salesforce environments at the application, platform and infrastructure levels as applicable
Responsibilities will include Salesforce security controls review and design of Salesforce application security mechanisms such as role-based access control, DevSecOps, and integration with security tools including identity and access management solutions and security information and event management solutions
Collaborate with other teams and departments to align security requirements with other constraints, such as business requirements or technology limitations
Create and maintain architecture design artifacts such as diagrams and documentation
Interpret output of activities such as penetration tests and application security scans, translating into actionable remediation requirements
Maintain and expand knowledge of best practices and emerging trends in both general information security as well as key specialty areas such as cloud and mobile security
Provide feedback and approval for system and application designs and architectures as relates to adherence to security principles and company security policies
Lead & Guide the implementation of Salesforce Cloud monitoring tool (AppOmni) from the security stakeholder perspective
Support cybersecurity vulnerabilities and incidents that affect Salesforce by providing guidance to the Salesforce Business team
Plan and implement proof-of-concept, pilots, and reference architectures
Technical Experience 5+ years of professional experience in information technology, including at least 3 years of experience in Cybersecurity.
Unique Skills:
Broad understanding of computer networking, technology, and customer service with a security focus
Understanding of common web application security concepts, such as the OWASP Top 10, and their practical implementation
Experience with industry cybersecurity frameworks (eg. NIST 800-53 or equivalent)
Operational knowledge and skills related to conducting industry standard application security assessments
Experience gathering evidence to verify cybersecurity control implementation
Strong verbal and written communications skills, with an ability to express complex technical concepts in business terms to multiple different audiences
Ability to inform, educate and influence business and IT employees to support goals and initiatives of the Cybersecurity department
Analytical and conceptual thinking - using logic and reason, creative and strategic
Integration - joining people, processes or system
Excellent planning, organization, and time management skill
Ability to work independently with minimal supervision
Desired Salesforce Platform Skills
Hands-on, practical experience as an admin with Lightning & Classic Service Cloud, Marketing Cloud, Experience(Communities) Cloud, and/ related Salesforce tools like Tableau CRM
Thorough understanding of Salesforces Security Model like Roles, Profiles, Object Settings and permission sets, sharing settings, hierarchy etc.
Thorough understanding of Salesforce security features like Event Monitoring, Field Accessibility, Login Access Policies, Platform Encryption (SHIELD) - probabilistic & deterministic, Sharing Settings, Setup Audit Trail etc
Bachelor’s degree