Cyber Incident and Vulnerability Manager
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job CategoryEnterprise Technology & Infrastructure
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
Overview of the Role:
Our Incident and Vulnerability Managers are a critical part of Salesforce’s Cyber Security Response Center. As commanders on the most impactful cyber security incidents and vulnerabilities, we lead Salesforce’s response while acting as the security executive liaison with Security and Business Leadership across the lifecycle of events. Responsible for the response strategy and its timely execution, we leverage on our unique perspective to partner with the wider Security organization to identify, prioritize and remediate critical cyber risks across Salesforce. We are constantly looking at ways to reduce the toil and we drive continuous improvement initiatives across our tooling, playbooks and automated workflows. The scale of our environment and the variety of problems to solve provides unique opportunities to learn and to grow surrounded by a diverse and supportive team and incredibly helpful partners.
Act as Incident or Vulnerability Commander for Salesforce’s high risk cyber security events.
Establish Salesforce’s cyber response strategy and coordinate its delivery until remediation of security threats.
Ensure the highest standards of the execution and documentation of the NIST incident response lifecycle to timely scope, contain and remediate critical security threats.
Command Executive Briefings and response calls, act as security executive liaison.
Maintain timely communications on progress and findings to Leadership and address incoming escalations from executives.
Partner closely with Legal, Software Engineering, Operations, Technical Support, Customer Success and Sales Leadership to ensure the best outcomes for customers and partners.
Lead cross-functional post-incident process reviews to identify and implement continuous improvement initiatives.
Contribute to the team sprint and lead critical cyber uplift projects.
Educate, train and mentor external teams on the incident response lifecycle and cyber best practice.
Successful Incident and Vulnerability Managers thrive on challenge, are calm under pressure, and leverage on their business acumen and cyber technical expertise to drive timely outcomes. Integrity, flexibility and creative problem-solving skills are prerequisites for this role.
5+ years of relevant experience in cyber security operations, cyber incident management and cyber risk management within an enterprise environment
Experience responding to and leading complex cyber security incidents in a large-scale environment.
Broad knowledge of cyber security best practices, the current threat landscape and the cyber incident response lifecycle.
Strong teamwork approach with the ability to build and grow relationships with a wide range of technical and business stakeholders.
Ability to stay composed under pressure and to think critically on the spot.
Excellent verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical audiences.
Project management skills with demonstrated ability to drive, influence and coordinate cross-teams and cross-region projects.
Ability to work in a follow-the-sun model with a 24/7 operating model.
EU or UK citizenship required.
Deep technical knowledge of Cloud environments (AWS, GCP, Azure).
Deep technical knowledge of network fundamentals and common Internet protocols.
Strong technical knowledge of incident response frameworks with operational experience across Windows, Mac and Linux forensics
Experience in conducting root cause analysis
Familiarity with cyber security standards and regulatory frameworks (NIST, PCI-DSS, GDPR, ISO 27001)
Relevant cyber security certifications
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.We are a recognised Disability Confident member under the UK Government Disability Confident employer scheme. We are committed to providing an inclusive recruitment process and will offer an interview to disabled applicants who meet the essential criteria for the role. Applicants are welcome to opt-in to the interview scheme as part of the application process. If you would like to apply under the scheme, please click the link to the Accommodations Request Form above and scroll to the UK Disability Confident Scheme section within the form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.