Security GRC Senior Analyst

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Enterprise Technology & Infrastructure

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

lyst/Senior Analyst - Global Cloud Compliance (Product Compliance)

About Salesforce
 

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team

The Global Compliance and Certification (GCC) team is responsible for enterprise wide compliance processes, ensuring Salesforce leadership has the information needed to make strategic risk-based decisions. You will be part of the GCC org, a division within the Product Security Organization and you will play a pivotal role in driving and overseeing cloud security compliance that support Salesforce’s products. 

Impact - Responsibilities

• Develop and execute audit strategies to ensure compliance with global standards and regulatory requirements.

• Partner directly with engineering leaders, and become familiar with their processes covering multiple domains. 

• Act as the primary liaison between external audit requests and engineering. Be able to lead walkthroughs with external assessors as needed.

• Partner with cross-functional teams to execute audit recommendations and strengthen compliance preparedness.

• Document detailed playbooks on processes and domains that can be leveraged for assessments.

• Help drive automation efforts and continuous improvement projects to boost the efficiency of audit processes.

• Deliver consistent reports to leadership on audit outcomes, emerging trends, and potential compliance risks.

Minimum Qualifications

• 3-5 years of experience managing global compliance assessments in a complex environment.

• Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as ISO 27001, SOC, HIPAA, PCI, HITRUST, and FedRAMP, etc. 

• Project management and stakeholder management experience.

• Technical knowledge and understanding of different hyperscaler environments such as AWS.

• Experience with compliance automation tools and processes.

 

Required Qualifications

• Strong Analytical and problem solving skills with the ability to assess risks and recommend solutions.

• Detail oriented with strong organizational and documentation skills.

• Ability to solve unique, complex and often ambiguous problems with broad impact on the business

• Conceptual and innovative thinking to develop and implement solutions

• Ability to work independently and collaboratively in a fast paced regulatory environment.

• Identify risk in processes and environments, and strategies to mitigate the risk. 

Preferred Qualifications:

• Certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK) are a plus

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

For California-based roles, the base salary hiring range for this position is $137,100 to $188,600.

Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.