To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category Products and Technology
Job Details
Salesforce.com is currently seeking a DevOps Security Engineer who is passionate about security, and has had hands-on experience with multiple types of infrastructure (on prem & cloud). Salesforce.com's Infrastructure Security group manages a fast-paced and constantly growing environment that seeks to implement cutting-edge technology to secure the infrastructure behind one of the world's largest business driving technologies. Level offered will be dependent on experience & knowledge.
Responsibilities:
Work as part of our Access Control team within the Security IAM (Identity & Access Management) Engineering organization to design and deliver automated identity and governance solutions across multiple security systems in different technology substrates (1P, AWS, Azure, GCP), to ensure compliance processes run smoothly.
Design & deliver solutions for complex access requests, ensuring our lifecycle management products cater appropriately for new and existing entitlement types in an automated and efficient manner, as per security policy.
Work in Agile framework to identify and automate solutions that result in time savings in the area of Identity & Lifecycle Management (using Python, GoLang).
Work as part of our Compliance & Access Control team to assist with audits of entitlements, appropriateness of access and Quarterly Access Reviews, as defined by our Identity & Access Management Policies.
Assist with audit & compliance reviews, evidence collection and pre-certification testing, ensuring timelines are met for Compliance Certifications (e.g. SOX, SOC, SOC2) at the required cadence.
Partner with the GRC (Governance Risk & Compliance) team and internal & external auditors, to ensure all new automation, controls and processes are reviewed for accuracy and appropriateness.
Partner with various business units to assist in their onboarding to Identity Governance tooling and automation, as built by the Access Control & Security IAM Engineering teams.
Required Skills/Experience:
BS/BEng/BTech degree, or equivalent work experience.
2+ years scripting/automation experience (Python).
Excellent analytical, conceptual, problem-solving skills in addition to excellent attention to detail.
Self-starting, proactive and organized, as well as being capable of long-term thinking.
Passion for scaling systems and software, reducing manual activities, and a growth mindset.
Operating knowledge of
Knowledge of Compliance Certifications (SOX, SOC, SOC2)
Strong technical understanding of systems, networking and identity fundamentals.
Understanding of Agile development methodologies and principles.
Additional Desired Skills:
Experience with Linux, Windows, GIThub, Cloud scale Identity, Access Management (Single Sign-On/Multi Factor Authentication), Authorization services or design and architecture of IAM services
Knowledge of authentication platforms: Kerberos, LDAP, Radius, AD.
Federation platforms/protocols: Oauth, OpenID, SAML, WS-Fed, etc.
Working experience with commercial/enterprise IAM platforms: Ping Identity, Active Directory or Open Source: OpenLDAP, OpenDJ.
Experience in consumption of Web Service APIs: JSON / XML.
Experience of the Salesforce Platform.
Knowledge of Terraform, Spinnaker, JSON, Puppet, etc.
Security specific certifications e.g. CISSP, CISM.
Operating knowledge of Lifecycle Management or Access Provisioning Systems,
Compliance Certification knowledge e.g. FedRAMP, NIST CSF Security Scoring.
Identity and Access: Design and implement consistent and scalable identity and access services for all of Salesforce, integrating our IT network, public cloud infrastructure and our own data centers, and empowering all our engineers to operate these environments in a secure manner.
*LI-Y
Accommodations
If you require assistance due to a disability applying for open positions please submit a request via this .
Posting Statement
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
and are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. and do not accept unsolicited headhunter and agency resumes. and will not pay any third-party agency or company that does not have a signed agreement with or .
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
As a federal contractor, Salesforce is required to verify that all US-based employees are fully vaccinated against COVID-19. If you receive an offer and are unable to get vaccinated for religious or medical reasons, you may request a reasonable accommodation.
Job Category Products and Technology
Job Details
Salesforce.com is currently seeking a DevOps Security Engineer who is passionate about security, and has had hands-on experience with multiple types of infrastructure (on prem & cloud). Salesforce.com's Infrastructure Security group manages a fast-paced and constantly growing environment that seeks to implement cutting-edge technology to secure the infrastructure behind one of the world's largest business driving technologies. Level offered will be dependent on experience & knowledge.
Responsibilities:
Work as part of our Access Control team within the Security IAM (Identity & Access Management) Engineering organization to design and deliver automated identity and governance solutions across multiple security systems in different technology substrates (1P, AWS, Azure, GCP), to ensure compliance processes run smoothly.
Design & deliver solutions for complex access requests, ensuring our lifecycle management products cater appropriately for new and existing entitlement types in an automated and efficient manner, as per security policy.
Work in Agile framework to identify and automate solutions that result in time savings in the area of Identity & Lifecycle Management (using Python, GoLang).
Work as part of our Compliance & Access Control team to assist with audits of entitlements, appropriateness of access and Quarterly Access Reviews, as defined by our Identity & Access Management Policies.
Assist with audit & compliance reviews, evidence collection and pre-certification testing, ensuring timelines are met for Compliance Certifications (e.g. SOX, SOC, SOC2) at the required cadence.
Partner with the GRC (Governance Risk & Compliance) team and internal & external auditors, to ensure all new automation, controls and processes are reviewed for accuracy and appropriateness.
Partner with various business units to assist in their onboarding to Identity Governance tooling and automation, as built by the Access Control & Security IAM Engineering teams.
Required Skills/Experience:
BS/BEng/BTech degree, or equivalent work experience.
2+ years scripting/automation experience (Python).
Excellent analytical, conceptual, problem-solving skills in addition to excellent attention to detail.
Self-starting, proactive and organized, as well as being capable of long-term thinking.
Passion for scaling systems and software, reducing manual activities, and a growth mindset.
Operating knowledge of
Knowledge of Compliance Certifications (SOX, SOC, SOC2)
Strong technical understanding of systems, networking and identity fundamentals.
Understanding of Agile development methodologies and principles.
Additional Desired Skills:
Experience with Linux, Windows, GIThub, Cloud scale Identity, Access Management (Single Sign-On/Multi Factor Authentication), Authorization services or design and architecture of IAM services
Knowledge of authentication platforms: Kerberos, LDAP, Radius, AD.
Federation platforms/protocols: Oauth, OpenID, SAML, WS-Fed, etc.
Working experience with commercial/enterprise IAM platforms: Ping Identity, Active Directory or Open Source: OpenLDAP, OpenDJ.
Experience in consumption of Web Service APIs: JSON / XML.
Experience of the Salesforce Platform.
Knowledge of Terraform, Spinnaker, JSON, Puppet, etc.
Security specific certifications e.g. CISSP, CISM.
Operating knowledge of Lifecycle Management or Access Provisioning Systems,
Compliance Certification knowledge e.g. FedRAMP, NIST CSF Security Scoring.
Identity and Access: Design and implement consistent and scalable identity and access services for all of Salesforce, integrating our IT network, public cloud infrastructure and our own data centers, and empowering all our engineers to operate these environments in a secure manner.
*LI-Y
Accommodations
If you require assistance due to a disability applying for open positions please submit a request via this .
Posting Statement
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
and are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. and do not accept unsolicited headhunter and agency resumes. and will not pay any third-party agency or company that does not have a signed agreement with or .
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
As a federal contractor, Salesforce is required to verify that all US-based employees are fully vaccinated against COVID-19. If you receive an offer and are unable to get vaccinated for religious or medical reasons, you may request a reasonable accommodation.