Senior Incident Responder, CSIRT
India - Hyderabad
Salesforce
Bieten Sie die beste Customer Experience mit einem einzigen CRM-Tool für Sales, Kundenservice, Marketing, Commerce & IT. Jetzt 30 Tage testen!To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Enterprise Technology & InfrastructureJob Details
About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
As a key member of our growing Global CSIRT, the Senior Incident Responder is on the ‘front lines’ of the Salesforce production environment; leading a group of incident responders that protect our critical infrastructure and our customers’ data from the latest information security threats. You will be contributing to significant CSIRT projects, conducting threat hunts, enhancing detection and incident response capabilities, and improving core CSIRT workflows and processes.
Working hours correspond to our “follow the sun” operating model and shift according to daylight savings during the year. This is a full-time position, based in Hyderabad or Bangalore, hybrid “Office-flex”, set shift work position. Shifts begin no earlier than 04:00am (IST), and include one fixed weekend shift.
REQUIRED SKILLS:
5+ years of prior specialised security operations experience consisting of:
Flexibility, drive, integrity, and creative problem-solving skills
Operational experience performing incident response with Endpoint Detection and Response (EDR) solutions i.e. Crowdstrike etc.
Operational experience with log analysis platforms i.e. Splunk, Google Security Operations etc.
The ability to build strong relationships with peers both internal and external to your functional group, and with peers/professional organisations outside your company
Customer-centric attitude and focus on providing best-in-class service for customers and stakeholders
The willingness to apply yourself to learning new skills and gaining certifications
Strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical audiences
Operational experience responding to security incidents in a production environment, such as investigating and remediating large scale network compromise, possible endpoint malware infections and attacker enterprise tactics
Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
Understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS/TLS, and SMTP
Understanding of incident response and security operations within public cloud environments (e.g. AWS, Azure, or GCP)
Understanding of Mac OSX, Microsoft Windows, and Linux/Unix system administration and security control fundamentals
Experience in being part of a project team - demonstrating ability to contribute to projects across teams where influencing skills are required
Previous experience of collaborating with global teams
DESIRED SKILLS:
Understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)
Working proficiency with programming /scripting languages is a plus: i.e. Python, Bash, Go, PowerShell. Formal development experience would be highly sought after.
Working knowledge of malware reverse engineering
Relevant information security certifications, such as: BTL1, ISC2 CISSP, E-Council E|CIH, SANS GCIH, GCFA, GCFE, GX-IH, GX-FA and other related certifications
#LI-Y
Accommodations
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
Posting Statement
Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: AWS Azure Bash CISSP Cloud CrowdStrike CSIRT DNS EDR GCFA GCFE GCIH GCP Incident response Linux Log analysis Malware PowerShell Python Reverse engineering SANS Scripting SMTP Splunk TLS UNIX Vulnerabilities Windows
Perks/benefits: Career development
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.