Massachusetts Information Technology Jobs

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Products and Technology

Job Details

Salesforce’s Security Governance, Risk, and Compliance (GRC) team is looking to hire a Senior Director, Security Risk Management to drive global security risk and cyber-maturity management. This is a key strategic leadership role responsible for leading the Security Risk Management team reporting into the VP, GRC Design and Enterprise Governance & Risk Management. We are looking for a leader with deep GRC knowledge and industry-leading expertise in global security risk and CSF management. The individual must have experience leading a complex portfolio at scale and using technology and automation to reduce the cost of compliance and fuel non-linear growth to support global business demands.

The leader for this role should be an inspiring leader for the organization and have experience with people management, talent development, and mentorship for a global team. The individual for this role should have a focus on scalability and innovation to challenge the status quo and drive risk reduction and security maturity. Finally, the individual should be a force multiplier for the team working cross-functionally to deliver commitments.

Responsibilities:

• People management, talent development, and mentorship for distributed team(s)

• Plans, implements, and manages the risk management program capabilities for all Salesforce security risks

• Enable security capability maturity processes utilizing the NIST Cybersecurity Framework(CSF), ensuring the company makes meaningful and measurable progress in improvement YoY

• Creates and maintains security risk management standards, frameworks, processes, procedures, and other program documentation

• Develops and executes methods to identify and include relevant internal and external risk data to enhance objective, data driven risk models

• Monitors and analyzes security risks and metrics to identify themes, trends, correlations, and variances

• Communicates risk intelligence in a way that drives risk-based business decision-making and action

• Supports Governance, Risk & Compliance (GRC) tools implementation and utilization, including quantitative models

• Integrates with other risk teams and departments, including Enterprise Risk Management (ERM), to ensure alignment and share best practices

• Provides risk management subject matter expertise for members of the Security organization and across the company

• Champion and evangelize risk capabilities for the company

• Build productive partnerships with various technology, legal, security, and analytics teams across Salesforce

Required Skills:

• 10+ years of related experience

• Significant knowledge and experience in all facets of risk management, able to articulate how it applies to our business (security domain highly preferred)

• Understanding of qualitative and quantitative risk modeling

• Strong security risk management background that includes driving strategy, architecture, governance, tooling and enablement

• Knowledge of industry best practices, frameworks and standards (e.g., ISO, NIST, COBIT, FAIR)

• Expertise in security maturity and the use of the NIST Cybersecurity Framework(CSF)

• Experience with data and analytics, dashboards and data visualization tools

• Experience creating and utilizing KPIs and KRIs

• Knowledge of enterprise security relevant legal/regulatory requirements and industry trends

• Engaging and managing consulting partners for large scale projects

• Experience with strategy development and organizational leadership

• Strategic influencer - ability to influence at an executive level

• Ability to motivate people, instill accountability, and achieve results

• Thrives in a agile, fast-paced, collaborative environment, using research and analysis to support recommendations and opinions

• Excellent interpersonal and relationship skills

• Excellent presentation and communication skills

• Detail oriented with an eye for quality

• Experience managing centralized, matrixed resources preferred, with a strong focus on leading teams across several geographies and time zones

• Effectively drive consensus across organizations and clearly articulate strategy, vision and business value

• Excellent business and technical communication skills at all levels of the organization

• Commitment to continuous improvement, successful at leading by influence, and excellent at building business cases for investments to improve security risk posture

• Effectively motivate people, foster accountability and demonstrate the value of risk management across a wide range of individuals

Preferred Skills

• Requires relevant BA/BS degree, Masters degree preferred

• Industry certifications in security(e.g. CRISC, CISSP, CCIE, CISA, CCSK)

• Experience with GRC tools

• Experience using agile to manage GRC workflow

• Process development/6-sigma skills

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form (https://careers.mail.salesforce.com/accommodations-request-form) .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com (http://salesfore.com/) or Salesforce.org .

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.

Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.

There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.

We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.