Job Title: Analyst, Public Sector Security Compliance
Locations: Herndon, VA
Come join the Public Sector Technology Compliance team at Salesforce! Grounded in Salesforce’s core values of Trust, Growth, Innovation, and Equality, this team works across Salesforce to deliver sustainable, world-class public sector compliance programs that protect the company and enable the success of our customers and Salesforce. This team is responsible for the execution and management of advisory, audit, and continuous monitoring programs related to U.S. public sector compliance authorizations maintained by Salesforce, including those stemming from FedRAMP and the DoD Cloud Computing Security Requirement Guide. You will be directly involved in shaping compliance for one of the fastest growing areas at Salesforce.
In this role, you will work with a team of subject matter experts from multiple disciplines to help define and deliver on the compliance needs of the business. You will be involved in evaluating new and changing compliance frameworks, facilitating control assessments and audits, as well as delivering best in class compliance programs for our customers.
Plan, coordinate, and execute work assignments with process and control owners, business partners, and external auditors
Perform controls testing, document results, and provide detailed updates to compliance management and internal stakeholders from other teams
Assist in managing the timely and high-quality execution of certification programs
Assist process/control owners with the preparation and ongoing maintenance of controls and control documentation (e.g., policies, procedures, narratives, etc.)
Proactively identify management, administrative, technical, and physical gaps or conflicts in existing controls and work with internal business partners to develop solutions
Track and assist with remediation of control deficiencies and gaps identified during the audit and/or continuous monitoring processes
Assist with the education and training of process/control owners so they better understand the applicable control frameworks and their responsibilities
Evaluate new and evolving certification programs, updates to existing programs, and net-new requirements
Build strong relationships with business partners and facilitate continuous improvement aligned with operational processes
Effectively communicate program execution and task status, key accomplishments, and risks to senior management
U.S. citizen (U.S. born or naturalized) who does not hold dual citizenship. You agree to complete a Minimum Background Investigation (MBI) for a Moderate Public Trust position with the U.S. federal government or other clearances as deemed appropriate for the role.
Strong technical background with a good understanding of security concepts and their practical usage
Strong written and verbal communication skills, with the ability to effectively and flexibly communicate across all levels of the company
Analytical thinker with strong organizational skills. Attention to detail is a must
Innovation and creativity are key qualifications, as this role will assist business partners in designing scalable and sustainable approaches to satisfying our regulatory requirements
Prior audit experience with public sector frameworks (e.g., FedRAMP, DoD Cloud Computer SRG, FISMA, CJIS, DHS 4300A, IRS 1075, ICD 503, etc.). Additional compliance and regulatory experience related to security and privacy standards across industries and geographies such as PCI, ISO, SOC, HIPAA, and HITRUST is a plus
Ability to work independently and efficiently with limited oversight and/or direction
Must have strong time management skills
Possess a "whatever it takes to get the job done" mentality (e.g., pick up the phone, stop by a desk)
Flexibility in daily hours (i.e., willingness to work longer hours during peak periods)
2+ years of information technology compliance, audit, and/or security experience preferred
BS degree in Management Information Systems, Computer Science, or a related field or at least 2 years of equivalent information systems management experience in lieu of a degree.
Ability to travel up to 15% (US and Canada)
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” six years in a row and one of Fortune’s “100 Best Companies to Work For” nine years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole Ohana (Hawaiian for "family") made up of our employees, customers, partners and communities, we are working to improve the state of the world
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.
This candidate must be a U.S. citizen (U.S. born or naturalized) who does not hold dual citizenship and agrees to complete a U.S. federal government Minimum Background Investigation (MBI) for a Moderate Public Trust position.