To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

　　Job Category

　　Enterprise Technology & Infrastructure

　　Job Details

　　About Salesforce

　　We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place.

　　About Salesforce

　　We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place!

　　About Our Team

　　The Salesforce Security Controls Management program is anchored in the principles of Transparency, Inclusiveness, Accountability and Equality. We build, operate, and continuously improve a best in class, organizationally integrated and business value driven, security controls management program commensurate with the most secure enterprise cloud!

　　In this individual contributor role, you bring security domain subject matter expertise, GRC background, operational background, influencing capabilities, and Product Manager know-how. You must have the ability to ramp up quickly to support the Security Controls Management program, and become a trusted advisor to Security and GRC leadership. You create and maintain relationships with business and technical experts throughout the company who provide expertise in security requirements and solutions design.

　　This role has high visibility throughout the entire organization, with growth potential and career path opportunities across technical and leadership roles.

　　Impact - Responsibilities:

　　Assist in the building and maintenance of the security Common Controls Framework (CCF) and other activities in the security controls life-cycle management process covering all Salesforce business units, products, and servicesDrive adoption and awareness of the CCF and eGRC platform with stakeholders across the organization, to include security teams, GRC, engineering teams, legal, etc.Lead controls data within the eGRC platform based upon feedback from partners, framework updates, new framework adoption, or changes in the state of controlsAssist the product owner in defining clear lines of responsibility between various Salesforce organizations including the first, second and third lines of defensePlan, implement, and operate controls management program capabilities including the security Common Controls Framework (CCF) which maps all of Salesforce's external obligations to internal standards and control activitiesBuild and ensure ongoing program oversightResponsible for assuring process effectiveness, measurement and optimizationCreate and maintain security controls management standards, frameworks, processes, procedures, and other program documentationPrepare reports and presentations for multiple audiences with varying business objectives including senior executives and the Board of DirectorsSupport Governance, Risk & Compliance (GRC) tools implementation and utilizationCoordinate with other teams and departments inside Security and across the greater organizationProvide controls management subject matter expertise for members of the Security organizationContinuously identify improvement opportunities and provide feedback to senior team members and management

　　Minimum Qualifications:

　　BA or BS in Computer Science or any related subject area, or 6+ years of experience6+ years of related security governance, risk and compliance experience or equivalent security experienceExperience working in or exposure to large-scale/global organizationsIn depth understanding of security GRC the component programsKnowledge of multiple regulatory compliance frameworks (NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRamp, PCI, GDPR, etc.)

　　Required Qualifications:

　　Agile, proactive, comfortable with ambiguous specifications and able to prioritize quickly and effectivelyExperience working with Information Security, GRC, ERM, Technology, Business, or Legal/Privacy functionsGood interpersonal and relationship skillsExcellent analytical and process development skillsExcellent presentation, facilitation and communication skillsExperience with data and analytics dashboards and visualization toolsDetail oriented with an eye for qualityAbility to work effectively with a wide variety of individuals including developers, systems administrators, executives, customers, regulators, auditors, etc.Experience with eGRC platforms and toolsThrives in a fast-paced, collaborative environment, using research and analysis to support recommendations and opinions

　　Preferred Qualifications:

　　Industry certifications in security, technology, and/or business management are a plus (e.g., CRISC, CISSP, CCIE, CISM, CISA)Proven experience working with Cloud technologies/environments is a plus

　　Accommodations

　　If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

　　Posting Statement

　　At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

　　Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

　　Salesforce welcomes all.

　　For Washington-based roles, the base salary hiring range for this position is $122,600 to $168,700.

　　Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.