Senior Incident & Vulnerability Commander

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

Our Incident and Vulnerability Commanders are a critical part of Salesforce’s Cyber Security Response Center. We lead the response to the most impactful cyber security incidents and vulnerabilities across the organization from the definition of the incident response strategy to the final remediation of the threats. Based on our unique perspective on the cyber threat landscape, we can effectively inform Engineering, Security and Business stakeholders with actionable intelligence on key cyber risks and we are empowered to identify and initiate uplift initiatives across the organization to strengthen our security posture. As Salesforce AI Trailblazers, we have access to early-stage GenAI and LLM technologies and we continuously research and test capabilities to reduce the toil and to scale our incident response and vulnerability management capabilities. 

The scale of our environment and the impact of problems to solve provide unique opportunities to learn and to grow surrounded by a diverse and supportive team and partners. 

Responsibilities: 

• Lead the response to high severity incidents and vulnerabilities during APAC shift. Establish a granular response strategy to investigate, contain and mitigate risk; coordinate cross-functionally its timely execution with a sense of urgency.

• Command technical response calls and Leadership briefings; provide structured, concise and factual information of the incident and its response to a technical and non technical audience. 

• Contribute to post-mortem reviews and identify high impact technical control gaps and process deficiencies. Directly partner with Engineering, Security and Cloud teams to identify, initiate and implement high-impact mitigation initiatives across the environment.

• Provide key insights on high severity risks to Security and Engineering Leadership; partner directly with Security and Engineering Executive teams to inform the security roadmap and to address recurring risks.

• Continuously identify opportunities to simplify and automate. Actively contribute to the design, planning and execution of the automation roadmap for the response function. Research and test the applicability of available LLM technologies, partner with Engineering to design features and iterate on models.

Hours of operations

• Monday/Friday AEST Business Hours

• Global roster for weekend and public holidays 

Required Qualifications: 

Successful Incident and Vulnerability Managers thrive on challenge, are calm under pressure, and leverage on their business acumen and cyber technical expertise to drive timely outcomes. Integrity, flexibility and creative problem-solving skills are prerequisites for this role.

• Experience will be evaluated based on alignment to the core competencies for the role (e.g. extracurricular leadership roles, military experience, volunteer work, etc.)

• 5+ years of experience in cyber security operations.

• Ability to stay composed under pressure and to think critically on the spot.

• Demonstrated experience directly leading high severity cyber security incidents in enterprise environments. Practical knowledge of incident response in a cloud environment.  

• Excellent verbal and written communication skills; ability to communicate effectively and clearly to technical and non-technical audiences in high pressure situations.

• Project management skills with demonstrated ability to drive, influence and coordinate global and cross functional projects.

• Teamwork mindset with the ability to successfully collaborate in a follow-the-sun model and to grow High Trust relationships across the organization.

Preferred Qualifications: 

• Strong technical knowledge of Cloud environments (AWS, GCP, Azure).

• Strong technical knowledge of network fundamentals and common Internet protocols. 

• Strong technical knowledge of incident response frameworks with operational experience across Windows, Mac and Linux forensics 

• Relevant incident response and cyber security certifications

#LI-Y

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

Salesforce welcomes all.