Salesforce - the leader in enterprise cloud computing and #1 place to work according to Fortune magazine -is seeking a Security Incident Handler r with a passion for Information Security and an understanding of managing security incidents in an enterprise. The security incident response team at Salesforce deals with the most challenging problems in information security. When you're first reading about a new issue in the news, our CSIRT is already working on it! The pace and variety of our work creates a unique learning environment, whether you are starting out or have deep security experience. You will be given unique challenges and the tools to solve them, surrounded by exceptional colleagues,
and supported by incredibly helpful partner teams.
The Incident Handlers is in charge of leading the company’s response to high severity incidents. Successful Incident Handlers thrive on challenge, are calm under pressure, and can think on their feet.
- Ensuring flawless execution of the incident resolution process, with transparent communication that drives very high levels of internal/external customer satisfaction
- Creating, communicating, and executing the incident strategy and actions for individual security incidents.
- Managing resources assigned to the incident and ensures the incident is receiving the proper support to drive resolution as quickly as possible.
- Escalating, prioritizing, communicating, and coordinating high severity incidents ensuring adherence to the company’s SLA.
- Representing Security as the initial single on-point contact for any confirmed or potential high severity incidents and ensures interested parties and executives are alerted via an internal executive facing chatter group.
- Addressing incoming escalations from executives regarding the incident.
- Ensuring all agreed to operational policies and procedures are adhered to and championing the incident response process.
- Driving the incident process from detection through containment and eradication.
- Leading the coordination with internal stakeholders through resolution of the incident. Closely partnering and collaborating with Infrastructure, Engineering, Operations, Technical Support, Customer Success and Sales Leadership to ensure alignment across the business.
- Leading cross-functional post-incident process reviews to ensure continuous improvement of operations and execution
- Contribute to the improvement of the incident response process based on lessons learned.
- Train and mentor staff on the incident response process.
- 5+ years experience in the Information Security field, including operational security monitoring or incident response experience.
- 3+ years managing, coordinating, and ensuring resolution of security issues.
- Deep experience leading and answering to complex critical incidents security, availability, or customer experience incidents).
- Broad information security knowledge, including some familiarity with key regulations and standards relating to security incident response (e.g., PCI-DSS, GDPR, ISO 27001).
- Ability to manage and constantly triage multiple security incidents, differentiating urgent issues from the merely important.
- Ability to stand back from a complex problem, logically assess the facts, and formulate a plan of action - even in the worst of situations.
- Strong operational and services experience in a cloud services delivery environment
- Strong technical knowledge of complex systems, ideally in a multi-tenant, Cloud environment
- , network fundamentals and common Internet protocols and information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
- Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
- Excellent customer relations skills with experience working with teams across multiple time zones.
- Strong teamwork skills with the ability to build and grow relationships with stakeholders.
- Excellent project management skills, including demonstrated ability to manage projects across teams where influencing skills are required.
- Executes with a high level of operational urgency
- Flexibility, integrity and creative problem-solving skills are a pre-requisite to be successful in this role.
- Experience in conducting root cause analysis.
- Experience with the National Incident Management System.
- System forensics/investigation skills.
- Prior experience in a 24x7x365 operations environment.
- Relevant information security certifications, such as CISSP, SANS GCIA, SANS GCIH, SANS, SANS GCFA, SANS GNFA.
Benefits & Perks:
- Competitive compensation
- Employee Stock Purchase Program
- Catered lunch in the office 3 days a week
- OSDE 410 for the family group
- Wellness and Education Reimbursement
- Unlimited PTO
- Parental Leave
- Childcare subsidies
- And more!
Accommodations - If you require assistance due to a disability applying for open positions please submit a request via this