Enterprise Security Senior Manager (Technology BISO org)

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Enterprise Technology & Infrastructure

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team

Salesforce's Enterprise Security team is at the forefront of enterprise IT, focusing on collaboration with business partners to achieve outstanding outcomes. We lead technology strategy, Salesforce on Salesforce, customer and partner enablement, applications engineering, infrastructure, collaboration, enterprise operations, architecture, and program enablement.

We are seeking a dedicated and dynamic Risk Management and Information Security Senior Manager to join our Enterprise Technology Risk Management team. This role involves advising partners on security control design, process improvements, and implementing information security controls within various compliance frameworks. 

The ideal candidate will motivate change, lead readiness and process/control improvement initiatives, communicate and support recommendations effectively, and influence action in a multi-functional environment. Strong business and information security competence, a consistent track record in advising on control design and process improvements, and the ability to transform business knowledge into scalable solutions are needed! 

Impact - Responsibilities 

• Security Strategy Alignment: Partner with Technology unit leaders to embed information security controls into the system lifecycle, ensuring security controls support operational efficiency and innovation.

• Risk Assessment and Management: Conduct risk assessments for IT systems, applications, and processes. Identify vulnerabilities, recommend mitigations, and prioritize remediation efforts based on business impact.

• Policy and Compliance Implementation: Translate enterprise security policies into actionable controls tailored to the technology unit you support. Ensure compliance with relevant regulations (e.g., GDPR, CCPA, PCI DSS) and industry standards (e.g., NIST 800-53, ISO 27001).

• Control Readiness Reviews: Lead the execution of all phases within a system control readiness lifecycle, ensuring timely delivery and quality work. Supervise functional teams for compliance to outlined processes and ensure that all key controls are being performed satisfactorily

• Metrics and Reporting: Develop and maintain key performance indicators (KPIs) and key risk indicators (KRIs) for Technology units security posture. Provide regular reports to midlevel leadership.

• Compliance Advisory: Experience designing, implementing, and testing internal controls in response to identified risks and how to partner with external or internal audit functions. 

Minimum Qualifications

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field. Equivalent experience may be considered.

• Minimum of 10 years of experience in information security, with at least 5 years in a leadership role focused on technical security across cloud, infrastructure, applications, and third-party integrations.

• Deep understanding of security principles across all tech layers, including cloud platforms (AWS, Azure, GCP), infrastructure security (network, endpoint, IAM), application security (SAST, DAST, secure coding), and third-party risk management frameworks

• Familiarity with security tools such as SIEM (e.g., Splunk, QRadar), vulnerability scanners (e.g., Qualys, Nessus), or IAM solutions (e.g., Okta, SailPoint).

• Demonstrated ability to work independently, take ownership of security initiatives, and drive results with minimal supervision.

• Proven experience conducting risk assessments, implementing security controls, and managing compliance with regulatory frameworks.

• Strong understanding of security and compliance frameworks (e.g., SOX, NIST CSF, ISO 27001/2, CIS Controls).

• Ability to thrive in a dynamic, fast-paced environment, staying ahead of emerging threats and adapting strategies to evolving business needs.

• Excellent communication skills to translate complex security concepts into business-friendly language.

• Strong stakeholder management and collaboration skills to work with cross-functional teams and ability to influence decision-making without direct authority.

Preferred Qualifications

• Demonstrate a strong willingness to continuously learn and adapt to new tools and methodologies, particularly focused on AI.

• The ability to quickly develop strong working relationships with internal groups, including those in international locations, business partners, internal and external auditors

• A willingness to challenge status quo and drive continuous improvement through change and new ideas

• The ability to effectively communicate (written and verbal) points-of-view, recommendations to key collaborators

• Track record of auditing related or consulting experience, high tech industry a plus

• CISA or CISSP highly desired

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

In the United States, compensation offered will be determined by factors such as location, job level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, and benefits. Salesforce offers a variety of benefits to help you live well including: time off programs, medical, dental, vision, mental health support, paid parental leave, life and disability insurance, 401(k), and an employee stock purchasing program. More details about company benefits can be found at the following link: https://www.salesforcebenefits.com.

For Washington-based roles, the base salary hiring range for this position is $184,000 to $253,000.