Information Security Administrator - CSIRT

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

Role Description

Salesforce - the leader in enterprise cloud computing and one of the top 10 places to work according to Fortune magazine - is seeking an Associate Incident Responder for our Computer Security Incident Response team (CSIRT).

The CSIRT is responsible for 24x7x365 security monitoring and rapid incident response across all Salesforce environments. We are the ‘tip of the spear’ and the last line of defense protecting company and customer data from our adversaries.

Primary Responsibilities

As a key member of Global CSIRT, the Incident Responder is on the ‘front lines’ of the Salesforce Security; forming part of a group of incident responders that protect our critical infrastructure and our customers’ data from the latest information security threats. This role also needs exceptional communication skills (verbal and written), and an ability to quickly understand complex information while recognizing familiar elements within complex situations. This position is based in our 24x7 operations center. As a result, shift work (including on weekends, as needed) is required.

Minimum Qualifications

2+ years of prior experience in an IT operations environment or 1+ years of prior specialized security operations experience consisting of:

• Possess a strong desire to learn.

• Strong interest in information security, including awareness of current threats and security best practices.

• Knowledge of email security threats and security controls, including analyzing email headers

• Understanding of network fundamentals and common Internet protocols.

• Understanding of Mac OSX, Microsoft Windows, and Linux/Unix system administration and security control fundamentals.

• Understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS/TLS, and SMTP

• Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.

• Understanding of cloud security principles and experience with leading platforms (GCP, AWS, Azure) and Kubernetes for security.

• Understanding of the Software Development Lifecycle (SDLC), to include CI/CD pipelines, terraform, github, and other supporting technologies

• The ability to build strong relationships with peers both internal and external to your functional group, and with peers/professional organizations outside your company

• Strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical audiences

DESIRED SKILLS:

• Flexibility, drive, integrity, and creative problem-solving skills

• Operational experience with network and host-based intrusion detection and response solutions, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs

• Experience in being part of a project team - demonstrating ability to contribute to projects across teams where influencing skills are required

• Understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)

• Previous experience of collaborating with global teams

• A continuous improvement mindset that actively seeks opportunities to enhance security 

• The willingness to apply yourself to learning new skills

• Relevant certifications (CompTIA Security+, BTL1, SANs GCFA, GCIH, etc.) are beneficial.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.