Manager Information Security
Job Type
Job Details
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
FinanceJob Details
About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
As the adoption of Salesforce for critical applications in the enterprise accelerates, so does the requirement for our prospects and customers to learn more about how we keep their data secure. Manager Information Security will be the interface between Salesforce Security and our customers and prospects to ensure they are successful with their own internal compliance and vendor-management efforts related to Salesforce.
Job functions
Salesforce security and compliance expert for customers and prospects
Understand our business and the problems we are trying to solve, deeply, when it comes to our core security services
Support the sales and pre-sales teams in responding to customer risk and security questionnaires and queries
Build customer trust through managing and hosting in-person customer/prospect security meetings
Be the Salesforce field expert for the Salesforce trust story covering security, architecture, reliability, performance, privacy and compliance conversations
Interface with Product Management and various internal security teams to ensure all the latest security features and capabilities adequately represented in customer responses
Review the security findings in the customer-conducted penetration test reports and collaborate with internal teams to oversee their remediation.
Collaborate with the Salesforce Legal, Privacy and other teams on customer-specific contractual requirements
Ensure field sales, services and partner teams are consistently enabled with the latest and best positioning around Salesforce security and compliance
Gather customer security/compliance requests, and liaison with Salesforce product managers as well as engineering teams to maintain a security product roadmap
Provide input and assist in developing compliance-related documentation: white papers, standard questionnaires, security best practices, etc.
Develop SME capabilities for selected Salesforce Services and work with the product teams and global SMEs within the team to stay updated on the latest developments.
Support drafting white papers and security collateral
Desired skills and experience
Bachelor's degree with 10+ years of experience in information security, security architecture, governance, risk and compliance
Good understanding of the regulatory environment in India as it pertains to to public sector procurement practices, Government e-Marketplace (GeM), Ministry of Electronics and Information Technology (MeiTY) SaaS empanelment requirements
Familiarity with public sector tendering process
Experience interpreting the intent of specific customer questions, and mapping them to industry standard controls
Experience in conducting penetration tests and vulnerability assessments across various platforms, including web applications, networks, and mobile devices
Experience using industry-standard tools and frameworks such as Metasploit, Burp Suite, Nmap, and Wireshark, along with a strong understanding of common security protocols and attack vectors
Required skills and experience
Excellent communication and presentation skills
Good understanding of public cloud platforms like AWS, GCP, Azure.
Familiarity with one or more security and regulatory frameworks: NIST 800-53, NIST Cybersecurity Framework, PCI-DSS, ISO 27001, ISO 27017, ISO 27018
Strong understanding of Indian Security and Privacy Regulations including but not limited to India Digital Personal Data Protection Act (DPDPA), RBI IT Outsourcing Guidelines, SEBI CSCRF, etc.
Extensive experience in designing and implementing security architectures for enterprise-level systems, including cloud and on-premises environments.
Strong knowledge of security frameworks and standards such as NIST, ISO 27001, and CIS, along with hands-on experience with security tools and technologies like firewalls, intrusion detection/prevention systems, and encryption protocols.
Managed one or more compliance certifications/audits, either as an auditor or responder (PCI-DSS, ISO27001, SOC 1, SOC 2)
Experience with supporting customer security/compliance questionnaires
Familiarity with public cloud architectures, security practices and compliance documentation
Experience supporting Public Sector customers across state and federal as well as the financial services industry
Supported responses to public sector tenders/RFPs/RFIs from a security architecture, risk and compliance perspective
Strong team player
About Salesforce
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work for six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!
Accommodations
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
Posting Statement
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.
WHO WE ARE: We’re Salesforce, the Customer Company, inspiring the future of business with AI+Data+CRM. Leading with our core values, we help... Read more