To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.Job CategoryProducts and TechnologyJob DetailsWe’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good– you’ve come to the right place.Job DescriptionTrust is the #1 value at Salesforce. It’s not just words or a slogan; it’s part of the beating heart of the company. Everyone contributes to Trust every day. We define Trust broadly, to include security, availability, and performance. Delivering new capabilities is one thing, but we must do so while protecting and earning our customer's trust.As a Lead Analyst within our Insider Threat Program at Salesforce, you will play a critical role in the protection of our most valuable assets. In this dynamic role, you will take charge of building, implementing and maintaining our Crown Jewel and Data Loss Prevention (DLP) programs. You will be responsible for ensuring that Salesforce’s most critical data is safeguarded against unauthorized access and transmission.Your duties will include developing and executing strategies that will help mitigate insider risk and establish effective controls. You will work with cross-functional teams to establish governance, risk, and policies to maintain regulatory compliance. Additionally, you will play a vital role in developing training and awareness campaigns to support both programs, establishing effective controls, developing training and awareness campaigns for both programs. Success in this position requires exceptional stakeholder management skills, the ability to communicate through complex information to a diverse audience, and an acute attention to detail. You will be responsible for developing, implementing, and maintaining a metrics and risk-reporting dashboard that will support effective decision-making and risk management within the organization.Responsibilities:Develop and implement strategies, corporate policies to identify and protect the organization's crown jewels. Identify and categorize the organization's crown jewels and most sensitive data and collaborate with product managers to implement the appropriate security controls to protect that data. Collaborate with key stakeholders to develop and implement incident response plans for crown jewel assets in the event of a security breach. Collaborate with DLP product management and insider threat to add/change/tune technical models to detect unauthorized data transmission. Assessing the organization's risk profile and developing a DLP strategy to manage risk goals. Establish a governance and risk management framework for crown jewels and DLP to ensure compliance with regulatory requirements and internal policies. Develop executive level metrics dashboard reporting for crown jewels and DLPCollaborate with Security Awareness to develop and deliver training and awareness campaigns to employees across the enterprise. Required Qualifications:8+ years experience in cybersecurity, with a focus on data loss prevention and crown jewelsDemonstrated leadership ability including experience leading complex programs, which involve multiple business and technical stakeholdersPrevious experience in a technical risk management functionExperience with security-related tools such as SIEM, UBA, DLP, etc.Strong knowledge of cybersecurity regulations and compliance standards, such as GDPR, HIPAA, PCI, CUI NISTExcellent written and verbal presentation skills with the ability to communicate professionally with team members, stakeholders, and senior leadership, as neededStrong knowledge of malicious insider threat indicators, such as those associated with theft of intellectual property, sabotage, and espionageA related technical degree requiredAccommodationsIf you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.Posting StatementAt Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.Salesforce, Inc. and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce, Inc. and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce, Inc. and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce, Inc. or Salesforce.org.Salesforce welcomes all.
View Original Job Posting