Description
Overview of the Role:
In this role, you’re expected to own the area of responsibility with minimal guidance from senior team members. You should innovate, challenge the status quo, embrace operational excellence best practices and use automation and emerging technologies to enhance delivery of your work product. Additionally, accountable for advising business partners on adopting new security requirements.
This candidate must be a U.S. citizen (U.S. born or naturalized) operating on U.S. Soil who does not hold dual citizenship with the ability to meet customer and government screening standards applicable to this role.
Responsibilities:
Drive existing or newly identified initiatives between stakeholder organizations creating synergies and reducing risk of non-compliance with internal or external requirements
Support change management activities with federal authorization bodies
Support multiple security pillars within Salesforce Government Cloud Division including but not limited to, continuous monitoring activities, advisory, incident response, adoption of AI, and security documentation
Consult with business or security stakeholders on information security requirements and applicability to their business processes, products, or services
Create and maintain relationships with key business, legal, Employee Success, Internal Audit, technical/engineering stakeholders, and other organizations throughout the company who provide expertise in security requirements and solution management
Focus on continuous improvement of operational processes and designing innovative and automated functionality for added efficiency
Effectively communicate accreditation positions and programs to applicable business stakeholders
Required Qualifications:
Minimum 8 years of experience in information security, cybersecurity, accreditation, and other security related areas
Experience working with Government Cloud environments such as AWS, Azure, GCP (SaaS, IaaS, PaaS etc)
Experience in security related analysis, creating metrics and dashboards and summarizing large data sets
Ability to work with both business and technical areas and translate between the two areas
Skilled at building rapport and establishing partnerships
Excellent verbal and written communication skills and ability to communicate results to multiple levels of management
Knowledge security frameworks (FedRAMP20x, DoD SRG)
Demonstrated desire to learn new skills and innovate
Agile, proactive, comfortable working with ambiguous specifications and can prioritize quickly and effectively
Excellent interpersonal, relationship, and organizational skills
Excellent analytical and process development skills
Detail oriented with an eye for quality
Drive improvements in existing processes and develop new innovative and efficient solutions
Ability to work effectively with a wide range of individuals including developers, systems administrators, executives, customers, regulators, auditors, etc.
Experience building productive relationships with Technical Operations, Security Operations, Incident Response, Technical Compliance, Engineering, and other stakeholders
Experience working directly with Authorizing Officials in Federal Civilian agencies, including the Department of Defense (DoD), specifically the DISA Cloud Assessment Division.
Proven experience in Compliance Engineering
Preferred Qualifications:
Operationalized AI automation strategies
CISSP, CISA, CISM, AWS or similar certifications a plus
Coding or scripting experience
Experience leveraging AI to help facilitate day-to-day tasks.
Understanding of FedRAMP 20x standards and requirements.
Compliance engineering experience (e.g., developing tools, processes or requirements to facilitate compliance related work).