Manager Information Security

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

Background

As the adoption of Salesforce for critical applications in the enterprise accelerates, so does the requirement for our prospects and customers to learn more about how we keep their data secure.  The Trust & Security Advisor will be the interface between Salesforce Security and our customers and prospects to ensure they are successful with their own internal compliance and vendor-management efforts related to Salesforce.

Job functions

Salesforce security and compliance expert for customers and prospects

• Understand our business and the problems we are trying to solve, deeply, when it comes to our core security services

• Support the sales and pre-sales teams in responding to customer risk and security questionnaires and queries

• Build customer trust through managing and hosting in-person customer/prospect security meetings

• Be the Salesforce field expert for the Salesforce trust story covering security, architecture, reliability, performance, privacy and compliance conversations

• Interface with Product Management and various internal security teams to ensure all the latest security features and capabilities adequately  represented in customer responses

• Review the security findings in the customer-conducted penetration test reports and collaborate with internal teams to oversee their remediation. 

• Collaborate with the Salesforce Legal, Privacy and other teams on customer-specific contractual requirements

• Ensure field sales, services and partner teams are consistently enabled with the latest and best positioning around Salesforce security and compliance  

• Gather customer security/compliance requests, and liaison with Salesforce product managers as well as engineering teams to maintain a security product roadmap

• Provide input and assist in developing compliance-related documentation: white papers, standard questionnaires, security best practices, etc.

• Develop SME capabilities for selected Salesforce Services and work with the product teams and global SMEs within the team to stay updated on the latest developments. 

• Support drafting white papers and security collateral 

Desired skills and experience

• Bachelor's degree with 10+ years of experience in information security, security architecture, governance, risk and compliance

• Good understanding of the regulatory environment in India as it pertains to to public sector procurement practices, Government e-Marketplace (GeM), Ministry of Electronics and Information Technology (MeiTY) SaaS empanelment requirements

• Familiarity with public sector tendering process

• Experience interpreting the intent of specific customer questions, and mapping them to industry standard controls

• Experience in conducting penetration tests and vulnerability assessments across various platforms, including web applications, networks, and mobile devices

• Experience using industry-standard tools and frameworks such as Metasploit, Burp Suite, Nmap, and Wireshark, along with a strong understanding of common security protocols and attack vectors

Required skills and experience

• Excellent communication and presentation skills

• Good understanding of public cloud platforms like AWS, GCP, Azure. 

• Familiarity with one or more security and regulatory frameworks:  NIST 800-53, NIST Cybersecurity Framework, PCI-DSS, ISO 27001, ISO 27017, ISO 27018

• Strong understanding of Indian Security and Privacy Regulations including but not limited to India Digital Personal Data Protection Act (DPDPA), RBI IT Outsourcing Guidelines, SEBI CSCRF, etc.

• Extensive experience in designing and implementing security architectures for enterprise-level systems, including cloud and on-premises environments.

• Strong knowledge of security frameworks and standards such as NIST, ISO 27001, and CIS, along with hands-on experience with security tools and technologies like firewalls, intrusion detection/prevention systems, and encryption protocols.

• Managed one or more compliance certifications/audits, either as an auditor or responder  (PCI-DSS, ISO27001, SOC 1, SOC 2)

• Experience with supporting customer security/compliance questionnaires

• Familiarity with public cloud architectures, security practices and compliance documentation

• Experience supporting Public Sector customers across state and federal as well as the financial services industry 

• Supported responses to public sector tenders/RFPs/RFIs from a security architecture, risk and compliance perspective

• Strong team player

About Salesforce 

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work for six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

Salesforce welcomes all.