IT Security Risk and Compliance Program Manager/Analyst 9/2/2016
San Francisco, CA
JOB DESCRIPTIONAPPLY Post Date:
Salesforce will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
Salesforce.com is looking to hire a Security Risk and Compliance Program Manager/Analyst to join the Information Technology team. A successful candidate is proficient with collaboration and communication skills. The role will focus on teamwork to operate a governance framework for IT Compliance. Accomplishment will be measured by improvement to IT's overall risk posture, compliance with various regulations, and providing management visibility to risk.
Because of the company's business model, we are often challenged with unique, cloud centric, interesting security and compliance requests. Our goal is to improve IT's overall security posture, by reducing security risk, surpassing any compliance requirements and challenges.
We are looking for relevant work experience, appropriate skillsets, and a mindset that matches that of our department and its culture. This resource will report to IT Security.
* Supports the documentation, and validation of processes necessary to assure that associates, information technology systems and business processes meet the organization's information assurance, security, privacy, and compliance requirements.
* Ensures appropriate monitoring of compliance to applicable security policies and audit requirements is in place, functioning and report on their operational effectiveness.
* Conducts review of threats and vulnerabilities, determines deviations from acceptable configurations or enterprise or local policy, assesses the level of risk, and develops and/or recommends and operationalizes appropriate mitigation countermeasures.
* Perform reviews and to supports any external audits.
* Escalates non-compliance issues and risks to IT Security management; follows up on issues with management and IT leadership to ensure carry through of resolutions.
* Evaluate new compliance requirements and determine the impact to existing business practices and customer compliance requirements.
* Ensure appropriate processes are in place and executed to drive collaboration and alignment within the team and with the broader IT organization.
* Serve as a role model and an effective partners with stakeholders within and outside of IT.
QUALIFICATIONS AND EXPERIENCE:
* Bachelor's degree or equivalent experience/certification is required, MS, JD preferred.
* Prior experience in a risk and compliance program.
* Strong written and verbal communication skills; ability to effectively communicate across all levels of the Company; attention to detail.
* Prior experience in a compliance and/or regulatory environment related to security and privacy including security compliance standards across industries and geographies such as FedRAMP, PCI, ISO 27001, HIPAA, SOC, SOX, preferred.
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes's "World's Most Innovative Company" five years in a row and one of Fortune's "100 Best Companies to Work For" eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole Ohana (Hawaiian for "family") made up of our employees, customers, partners and communities, we are working to improve the state of the world.
LI - Y
Salesforce.com is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com does not accept unsolicited headhunter and agency resumes. Salesforce.com will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com.