Skip to main content

Manager/Senior Manager -Global Cloud Compliance (FedRAMP)

a couple of women smiling

Description

Manager/Senior Manager -Global Cloud Compliance (FedRAMP)

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team

The Global Compliance and Certification (GCC) team is responsible for enterprise wide compliance processes, ensuring Salesforce leadership has the information needed to make strategic risk-based decisions. You will report directly to the Vice President of GCC, a division within the Product Security Organization and you will play a pivotal role in driving and overseeing cloud security compliance that support Salesforce’s federal and government customers, including U.S. Federal agencies.

Impact - Responsibilities

  • Compliance Oversight: Establish and govern a common controls strategy to ensure security and compliance across Salesforce’s environments.

  • Risk & Audit Management: Oversee internal security audits, risk assessments, and mitigation plans, ensuring timely remediation of high-risk systems. This includes reviewing the strategy and monthly con-mon submissions and identifying dependencies, areas of improvement, and efficiencies.

  • Stakeholder Collaboration: Partner with cross-functional teams, including product security, engineering, legal, and external regulatory bodies, to align compliance initiatives with business objectives.

  • Build and Maintain External Partnerships: Maintain and lead partnerships with various agencies (DoD, VA, etc.) and the FedRAMP PMO, staying atop of all industry updates and changes to the program.
    Process Optimization: Drive efficiencies in compliance assessments, including the implementation of innovative approaches to meet and exceed security requirements.
    Incident Response & Threat Management: Provide executive-level guidance on incident response and security forensics, ensuring alignment with compliance frameworks.
    Policy & Governance: Lead the development of security policies, procedures, and reporting mechanisms to meet global regulatory and customer requirements.

Minimum Qualifications

  • Strong Established Partnerships and connections with key federal agencies and the FedRAMP PMO governing body.

  • 7- 10 years of experience in cybersecurity, cloud compliance, or risk management, with a focus on regulatory frameworks.

  • Experience working with Government Cloud environments such as AWS, Azure, GCP (SaaS, IaaS, PaaS etc)

  • Knowledge of multiple regulatory compliance frameworks (NIST CSF & 800-53, ISO27001, SOC, HITRUST, HIPAA, FedRAMP, DOD SRG IL4/IL5, PCI, etc.)

  • Proven leadership experience in driving enterprise-wide compliance strategies and cross-functional initiatives.

  • Exceptional ability to communicate and influence stakeholders at all levels, including senior executives.

  • Industry certifications such as CISA, CISSP, CCSK, or equivalent are highly desirable.

Required Qualifications

  • Experience working with the FedRAMP PMO, FedRAMP JAB, and DISA Cloud Assessment Division

  • Strong Understanding of application architectures, design principles, common security flaws, and mitigation techniques as outlined by OWASP and SANS

  • Proficiency in authentication mechanisms like SAML and OAuth

  • Capable of clearly conveying security and risk concepts to both technical and non-technical audiences

  • Known to work in presenting to and engaging with senior executive leaders’ different risks and upcoming governance

  • Confirmed capacity to remain calm and effective under fast paced and high-stress conditions. Strong critical thinking skills with hard-working analytical problem-solving capabilities

  • Strong Project Management skills, being able to balance and track multiple projects going on at the same time to completion.

  • Ability to partner with and lead others not reporting directly to you and being a standout colleague

  • Experience providing clear instructions and details with technical and non-technical members.

  • Ability to prioritize in a constantly evolving environment

Due to the criteria and security levels for Salesforce’s FedRAMP program, the position will require the following as well:

  • US Citizenship

  • Residence within the contiguous United States

For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

At Salesforce, we strive to create an accessible and inclusive experience for all candidates.

If you need a reasonable accommodation during the application or the recruiting process, please submit a request via this Accommodation Request Form.

Please note that Salesforce uses an automated employment decision tool to help our recruiters assess and evaluate candidates’ resumes. If you do not want Salesforce to use this tool with your application, please submit a request via this form.

Equal Opportunity Statement.

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

Salesforce welcomes all.

In the United States, compensation offered will be determined by factors such as location, job level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, and benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.

We can't wait to meet you!

Join our Talent Community and be the first to know about open roles, career tips, events happening near you, and much more.

Join our Talent Community
a cartoon of two robots