Salesforce.com, Inc Sr. Director, Security Risk Management in Burlington, Massachusetts
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Products and Technology
Salesforce’s Security Governance, Risk, and Compliance (GRC) team is looking to hire a Senior Director, Security Risk Management to drive global security risk and cyber-maturity management. This is a key strategic leadership role responsible for leading the Security Risk Management team reporting into the VP, GRC Design and Enterprise Governance & Risk Management. We are looking for a leader with deep GRC knowledge and industry-leading expertise in global security risk and CSF management. The individual must have experience leading a complex portfolio at scale and using technology and automation to reduce the cost of compliance and fuel non-linear growth to support global business demands.
The leader for this role should be an inspiring leader for the organization and have experience with people management, talent development, and mentorship for a global team. The individual for this role should have a focus on scalability and innovation to challenge the status quo and drive risk reduction and security maturity. Finally, the individual should be a force multiplier for the team working cross-functionally to deliver commitments.
People management, talent development, and mentorship for distributed team(s)
Plans, implements, and manages the risk management program capabilities for all Salesforce security risks
Enable security capability maturity processes utilizing the NIST Cybersecurity Framework(CSF), ensuring the company makes meaningful and measurable progress in improvement YoY
Creates and maintains security risk management standards, frameworks, processes, procedures, and other program documentation
Develops and executes methods to identify and include relevant internal and external risk data to enhance objective, data driven risk models
Monitors and analyzes security risks and metrics to identify themes, trends, correlations, and variances
Communicates risk intelligence in a way that drives risk-based business decision-making and action
Supports Governance, Risk & Compliance (GRC) tools implementation and utilization, including quantitative models
Integrates with other risk teams and departments, including Enterprise Risk Management (ERM), to ensure alignment and share best practices
Provides risk management subject matter expertise for members of the Security organization and across the company
Champion and evangelize risk capabilities for the company
Build productive partnerships with various technology, legal, security, and analytics teams across Salesforce
10+ years of related experience
Significant knowledge and experience in all facets of risk management, able to articulate how it applies to our business (security domain highly preferred)
Understanding of qualitative and quantitative risk modeling
Strong security risk management background that includes driving strategy, architecture, governance, tooling and enablement
Knowledge of industry best practices, frameworks and standards (e.g., ISO, NIST, COBIT, FAIR)
Expertise in security maturity and the use of the NIST Cybersecurity Framework(CSF)
Experience with data and analytics, dashboards and data visualization tools
Experience creating and utilizing KPIs and KRIs
Knowledge of enterprise security relevant legal/regulatory requirements and industry trends
Engaging and managing consulting partners for large scale projects
Experience with strategy development and organizational leadership
Strategic influencer - ability to influence at an executive level
Ability to motivate people, instill accountability, and achieve results
Thrives in a agile, fast-paced, collaborative environment, using research and analysis to support recommendations and opinions
Excellent interpersonal and relationship skills
Excellent presentation and communication skills
Detail oriented with an eye for quality
Experience managing centralized, matrixed resources preferred, with a strong focus on leading teams across several geographies and time zones
Effectively drive consensus across organizations and clearly articulate strategy, vision and business value
Excellent business and technical communication skills at all levels of the organization
Commitment to continuous improvement, successful at leading by influence, and excellent at building business cases for investments to improve security risk posture
Effectively motivate people, foster accountability and demonstrate the value of risk management across a wide range of individuals
Requires relevant BA/BS degree, Masters degree preferred
Industry certifications in security(e.g. CRISC, CISSP, CCIE, CISA, CCSK)
Experience with GRC tools
Experience using agile to manage GRC workflow
Process development/6-sigma skills
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form (https://careers.mail.salesforce.com/accommodations-request-form) .
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com (http://salesfore.com/) or Salesforce.org .
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.
Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.
There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.
We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.
- Salesforce.com, Inc Jobs