BISO - US Public Sector Cloud Services, Senior Director

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Product

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team
In the capacity of the Business Information Security Officer (BISO) for Salesforce services on the Government Cloud platform, you will be pivotal in ensuring that Salesforce's US public sector offerings, especially within the police sector, comply with regulatory and security obligations. You will collaborate closely with product engineering, operations, Public Sector compliance, and Government Accreditation teams to oversee and report on security compliance. This role requires a proactive stance in assessing security posture, offering expert guidance, and devising solutions to meet the rigorous standards of government agencies.

Impact - Responsibilities

• Ensure compliance with Salesforce US public sector obligations by collaborating with relevant teams on the Government Cloud platform

• Build and maintain relationships as a trusted security partner with product engineering and operations teams in the US public sector

• Track, report, and escalate compliance status. Partner closely with the US Public Sector Government Accreditation and compliance team for successful reporting and certification renewals

• Continuously assess security posture with a security-by-default mindset. Provide risk reduction recommendations through threat modeling, design reviews, code reviews, and mitigation documentation

• Manage multiple impactful and complex security projects, ensuring alignment with internal security requirements

• Engage in deep architectural discussions to ensure successful deployment or migration of cloud infrastructures, applications, software, and services

• Evaluate emerging threats and attacks, develop and implement appropriate security controls

• Partner with engineering teams and advise on security best practices when integrating CI/CD pipeline tools, test plans, and vulnerability assessment tools

• Work with product teams to develop custom security solutions addressing identified risks

• Provide guidance on developing solutions that prevent similar issues categorically

• Implement opportunities to automate security processes where appropriate
  

Minimum Qualifications

• BA or BS in Computer Science or any related subject area, or 10+ years of experience

• A minimum of 10 years of relevant work experience, particularly in securing large, globally distributed cloud-based or mobile-embedded platforms

• Knowledge of OWASP Top 10 vulnerabilities

• Experience with Threat Modeling using frameworks

• Experience with cross-matrix collaboration related to engineering, security and compliance topics

• Experience with responding to security and compliance customer questionnaires and engaging with customer representatives on security- and compliance-related topics

Required Qualifications

• Proven background in software engineering or development, with a focus on Application or Product Security

• Strong Understanding of application architectures, design principles, common security flaws, and mitigation techniques as outlined by OWASP and SANS

• Experience in building resilient, highly available systems

• Demonstrated ability to evaluate system security, identify patterns, and investigate complex issues

• Established ability to make data-driven, risk-based decisions

• Excellent interpersonal and communication skills, with a results-oriented mindset

• Deep empathy for both internal and external customers, with a passion for enabling developers to deliver new features securely

• LI-Y

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com .

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce . 

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

For Washington D.C based roles, the base salary hiring range for this position is $224,100 to $341,900.

For California-based roles, the base salary hiring range for this position is $224,100 to $372,900.

Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.