Senior Incident Manager at Salesforce

What you'd actually do

Act as the Incident or Vulnerability Commander for Salesforce’s high risk cyber security events across our Commercial and GovCloud environments.

Establish response strategy and coordinate its delivery until remediation of threats.

Ensure the highest standards of the execution and documentation of the NIST incident response lifecycle to timely scope, contain and remediate critical security threats.

Command Executive Briefings and response calls, act as security executive liaison.

Maintain timely communications on progress and findings to Leadership and address incoming escalations from executives.

Skills

Required

5+ years of relevant experience in security operations, incident management and/or risk management within an enterprise environment
Experience responding to and leading complex critical cyber security incidents in a large-scale environment.
Broad knowledge of security best practices, the current threat landscape and the incident response lifecycle.
Strong teamwork skills with the ability to build and grow relationships.
Ability to stay composed under pressure and to think critically on the spot.
Excellent verbal and written communication skills; ability to communicate optimally and clearly to both technical and non-technical audiences.
Project management skills with proven ability to drive, influence and coordinate cross-teams and cross-region projects.

Nice to have

Technical knowledge of complex systems and Cloud environments (AWS, GCP, Azure).
Technical knowledge of network fundamentals and common Internet protocols.
Technical knowledge of incident response frameworks with operational experience across Windows, Mac and Linux forensics
Operational and services experience in a cloud services delivery environment
Experience in conducting root cause analysis
Familiarity with cyber key security regulations and standards (e.g.,NIST, PCI-DSS, GDPR, ISO 27001)
Relevant information security certifications

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Enterprise Technology & Infrastructure

Job Details

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn’t a buzzword — it’s a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all.

Ready to level-up your career at the company leading workforce transformation in the agentic era? You’re in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

Overview:

Our Incident Managers are a critical part of Salesforce’s Cyber Security Operations Center (CSOC). As commanders on the most impactful cyber security team, we lead Salesforce’s security response for our Commercial and GovCloud environments while acting as the security executive liaison with Security and Business Leadership across the lifecycle of events. Responsible for the response strategy and its timely execution, we leverage our unique perspective to partner with the wider Security organization to identify, prioritize and remediate critical risks across Salesforce. We are constantly looking at ways to reduce toil, and drive continuous improvement initiatives across our tooling, playbooks and automated workflows. The scale of our environment and the variety of problems to tackle provides unique opportunities to learn and to grow surrounded by a diverse and supportive team and incredibly helpful partners.

Responsibilities:

Act as the Incident or Vulnerability Commander for Salesforce’s high risk cyber security events across our Commercial and GovCloud environments.
Establish response strategy and coordinate its delivery until remediation of threats.
Ensure the highest standards of the execution and documentation of the NIST incident response lifecycle to timely scope, contain and remediate critical security threats.
Command Executive Briefings and response calls, act as security executive liaison.
Maintain timely communications on progress and findings to Leadership and address incoming escalations from executives.
Partner closely with Legal, Software Engineering, Operations, Technical Support, Customer Success and Sales Leadership to ensure and communicate the best outcomes for customers and partners.
Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives.
Contribute to the team sprint and/or lead critical uplift projects.
Educate, train and mentor staff on the incident response lifecycle.

Required Qualifications:

Experience will be evaluated based on alignment to the core competencies for the role (e.g. extracurricular leadership roles, military experience, volunteer work, etc.)
5+ years of relevant experience in security operations, incident management and/or risk management within an enterprise environment
Experience responding to and leading complex critical cyber security incidents in a large-scale environment.
Broad knowledge of security best practices, the current threat landscape and the incident response lifecycle.
Strong teamwork skills with the ability to build and grow relationships.
Ability to stay composed under pressure and to think critically on the spot.
Excellent verbal and written communication skills; ability to communicate optimally and clearly to both technical and non-technical audiences.
Project management skills with proven ability to drive, influence and coordinate cross-teams and cross-region projects.

Preferred Qualifications:

Technical knowledge of complex systems and Cloud environments (AWS, GCP, Azure).
Technical knowledge of network fundamentals and common Internet protocols.
Technical knowledge of incident response frameworks with operational experience across Windows, Mac and Linux forensics
Operational and services experience in a cloud services delivery environment
Experience in conducting root cause analysis
Familiarity with cyber key security regulations and standards (e.g.,NIST, PCI-DSS, GDPR, ISO 27001)
Relevant information security certifications

Unleash Your Potential

When you join Salesforce, you’ll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best, and our AI agents accelerate your impact so you can do your best. Together, we’ll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future — but to redefine what’s possible — for yourself, for AI, and the world.

Accommodations

If you need a reasonable accommodation during the application or the recruiting process, please submit a request via this Accommodations Request Form.

Please note that Salesforce uses artificial intelligence (AI) tools to help our recruiters assess and evaluate candidates’ resumes and qualifications throughout the recruiting process. Humans will always make any candidate selection and hiring decisions. Please see our Candidate Privacy Statement for more information about how we use your personal data and your rights, including with regard to use of AI tools and opt out options.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.