Incident Response Engineer with TS/SCI clearance (onsite Northern Virginia)
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job CategorySoftware Engineering
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
Inciddent Response Engineer with TS/SCI clearance (onsite Northern Virginia)
The Computer Security Incident Response Team (CSIRT) is responsible for 24x7x365 security monitoring, security operations, real-time analysis of security alert data, and rapid incident response across all Salesforce secure environments. This team protects the confidentiality, integrity, and availability of company and customer data.
As a key member of our growing team, the security operator will work on the ‘front lines’ of the Salesforce Government Cloud environment, working with a team that protects our critical infrastructure and our customers’ data from the latest information security threats.
This position is based in our 24x7 operations center. As a result, shift work (including on weekends, as needed) is required.
Active TS/SCI clearance with Polygraph.
A related technical degree required.
Strong problem solving ability to craft solutions to encountered or anticipated challenges.
Robust technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
Strong interpersonal and communication skills required for coordinating responses to sophisticated incidents across the organization with many non technical and technical stakeholders.
Technical security background and understanding of network fundamentals and common Internet protocols.
Technical understanding of AWS, Azure, or GCP administration and security controls.
Experience with Splunk, Flink SQL, and/or Kibana.
Familiarity with incident response and security operations within public cloud environments.
The ability to own the response to high priority, high transparency operational security issues to resolution with an appropriate sense of urgency.
Scripting language (i.e. Bash, Python, etc.) and automation experience.
Consistent track record in the Information Security field.
Prior experience in a fast paced operational environment.
Operational experience monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs.
Operational experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections.
System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
Relevant information security certifications, such as CISSP, GCFR, GCIA, GCIH or other related certifications.
Qualification for this job is contingent upon acceptable results from a background investigation as well as you obtaining and maintaining the specific level of U.S. Government security clearance required for this role. U.S. citizenship.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org. Salesforce welcomes all.
*LI-YThis candidate must be a U.S. citizen (U.S. born or naturalized) who does not hold dual citizenship and agrees to complete a U.S. federal government Minimum Background Investigation (MBI) for a Moderate Public Trust position.
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.