Salesforce.com, Inc Senior Manager, Continuous Security Monitoring (GRC) in Burlington, Massachusetts
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Products and Technology
Salesforce Security, Governance, Risk, and Compliance (GRC) Team is responsible for enterprise wide GRC ensuring Salesforce leadership has the information needed to make strategic risk-based decisions enabling the achievement of Salesforce business objectives globally. Our team builds and deploys common governance, risk, and compliance processes, conducts audits, and helps ensure that technologies and business operations are structured and configured for data protection and compliance.
This individual will primarily support Continuous Security Monitoring (CSM) within the GRC Technology Advisory - Controls Assurance (CA) program. The goal of the CSM sub-program is to drive the automation across the enterprise and increase the monitoring of key controls.
Lead the control reporting and monitoring program strategy to ensure continuous alignment with Risk Management, Compliance, and Governance (GRC).
Deliver accurate and actionable compliance guidance and direction to internal stakeholders.
Effectively communicate execution status, key accomplishments, and risks that impact Salesforce’s ability to achieve or maintain compliance accreditations or certifications to Salesforce leadership.
Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency.
Partner and collaborate with cross-functional and international team members within SOX Compliance, Security GRC and Engineering teams to 1) collect requirements, identify data dependencies, and prioritize controls for monitoring, 2) design, build, implement, and monitor security control performance and effectiveness to support risk-based security decisions and 3) Translate security and compliance controls into succinct performance and effectiveness metrics.
Design, implement, and maintain a dynamic, integrated dashboard to visualize the current compliance and effectiveness of security controls.
Monitor and investigate processes to identify and respond to gaps and anomalies in security control performance/effectiveness.
Develop and implement an effective CSM program that leverages an internal common control framework and other applicable standards, policies and regulations.
Closely monitor internal projects and emerging IT trends to determine relevance and impact to the CSM project.
10+ years experience in executing and organizing continuous monitoring and auditing programs, including but not limited to analyzing control processes and diagrams, defining business requirements and control data attributes, prioritizing controls, developing technical solutions, performing compliance anomaly investigations, mapping issues to risks, monitoring and socializing results
Strong knowledge of and experience in security risk management and with control frameworks including related regulatory compliance requirements (e.g., SOC, SOX, HITRUST, HIPAA, FedRAMP, PCI) required and applicable standards, policies and regulations.
Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management
Experience building a product or being part of a team that has built a product from scratch
Strong understanding of infrastructure technology stacks, data normalization and database schemas and concepts.
Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling monitoring coverage (e.g., RPA, data analytics)
Strong ability to operate autonomously, define, drive and execute a program vision, strategy, approach and milestones with minimal guidance and in alignment with organization priorities and initiatives
Strong ability to motivate people, instill accountability and drive results
Strong ability to assess the big picture, connect the dots and apply to program tasking
Strong ability to mature and optimize a program through capability maturity models (e.g., CMMI), innovation, standardization, metrics and reporting
Execution oriented, results-driven, and a self-motivator who is comfortable in a fast-paced, dynamic environment
Critical and analytical thinker, problem solver, decision maker, highly organized and detail oriented
Excellent interpersonal, relationship, collaboration, influencing, and negotiating skills with the leadership team to adopt new ideas, processes and gain commitment on initiatives.
Excellent presentation, facilitation, executive reporting and communication skills
Excellent program management skills, including but not limited to resourcing, capacity planning and budgeting
Knowledge of or experience working with dashboarding, business intelligence or analytics and reporting tools (Tableau, etc.)
Knowledge of or experience working with Agile methodology and GRC tools (Metricstream, Archer, etc.)
Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required.
Relevant BA/BS degree in Management Information Systems, Computer Science, or equivalent experience
Relevant Industry certifications (e.g., CRISC, CISSP, CCIE, CISM, CISA, CCSK)
Relevant AWS Certifications (e.g., AWS Cloud Practitioner)
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form. (http://cloud.mail.salesforce.com/accommodations-request-form)
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org.
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.
Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.
There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.
We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.
- Salesforce.com, Inc Jobs