Security GRC Senior Analyst

Description

lyst/Senior Analyst - Global Cloud Compliance (Product Compliance)

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM+Trust. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team

The Global Compliance and Certification (GCC) team is responsible for enterprise wide compliance processes, ensuring Salesforce leadership has the information needed to make strategic risk-based decisions. You will be part of the GCC org, a division within the Product Security Organization and you will play a pivotal role in driving and overseeing cloud security compliance that support Salesforce’s products.

Impact - Responsibilities

Develop and execute audit strategies to ensure compliance with global standards and regulatory requirements.
Partner directly with engineering leaders, and become familiar with their processes covering multiple domains.
Act as the primary liaison between external audit requests and engineering. Be able to lead walkthroughs with external assessors as needed.
Partner with cross-functional teams to execute audit recommendations and strengthen compliance preparedness.
Document detailed playbooks on processes and domains that can be leveraged for assessments.
Help drive automation efforts and continuous improvement projects to boost the efficiency of audit processes.
Deliver consistent reports to leadership on audit outcomes, emerging trends, and potential compliance risks.

Minimum Qualifications

3-5 years of experience managing global compliance assessments in a complex environment.
Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries and geographies such as ISO 27001, SOC, HIPAA, PCI, HITRUST, and FedRAMP, etc.
Project management and stakeholder management experience.
Technical knowledge and understanding of different hyperscaler environments such as AWS.
Experience with compliance automation tools and processes.

Required Qualifications

Strong Analytical and problem solving skills with the ability to assess risks and recommend solutions.
Detail oriented with strong organizational and documentation skills.
Ability to solve unique, complex and often ambiguous problems with broad impact on the business
Conceptual and innovative thinking to develop and implement solutions
Ability to work independently and collaboratively in a fast paced regulatory environment.
Identify risk in processes and environments, and strategies to mitigate the risk.

Preferred Qualifications:

Certifications (CRISC, CISSP, CCIE, CISM, CISA, CCSK) are a plus

For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

At Salesforce, we strive to create an accessible and inclusive experience for all candidates.

If you need a reasonable accommodation during the application or the recruiting process, please submit a request via this Accommodation Request Form.

Please note that Salesforce uses an automated employment decision tool to help our recruiters assess and evaluate candidates’ resumes. If you do not want Salesforce to use this tool with your application, please submit a request via this form.

Equal Opportunity Statement.

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

Salesforce welcomes all.

In the United States, compensation offered will be determined by factors such as location, job level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, and benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.