Overview
Remote
On Site
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - 12 Month(s)
Skills
Salesforce
Lead
Salesforce Security
CISM
CISSP
SSCP
GIAC GCUX
GSEC
GCED
GCIH
GCIA
security compliance standards
regulations
ISO 27001
PCI
SOC
FISMA
FedRAMP
HIPAA
GDPR
authentication
frameworks
SSO
SAML
OAuth
secure transport protocols
SSL
TLS
access management
IDAM solutions
certificates
PKI
vulnerability management
processes
procedures
Salesforce application environment
web application programming
JavaScript
SQL
OWASP
secure coding practices
Cloud
On-Prem
Qualys
Nessus
Rapid7
Cloudaware
Redlock
Whitehat
Burp Suite
Netsparker
security risk assessment
NIST 800-53
state of California
AWS
GCP
Azure
Azure DevOps
Salesforce administration
Salesforce development
security
standard objects
reports/dashboards
Knowledge
Communities
Chat
data management
sandbox environments
Salesforce.com
Apex
custom development
triggers
APIs
JSON
sObjects
SOQL
SOSL
Salesforce Certification
Technical Architect
Application Architect
System Architect
B2B Solution Architect
Job Details
Salesforce Security Engineer/Lead
MINIMUM REQUIRED KNOWLEDGE, EXPERIENCE AND SKILLS:
1. Must be a currently certified information security professional possessing one (1) or more of the following credentials (CISM, CISSP, SSCP, GIAC GCUX, GSEC, GCED, GCIH, GCIA, or other equivalent certification.)
2. Four (4) years of experience managing and/or enforcing security compliance standards and regulations (e.g., ISO 27001, PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR, or equivalent industry standard) at an enterprise level.
3. Two (2) years of experience securing Salesforce applications.
4. Four (4) years of experience authentication/authorization frameworks (e.g., SSO, SAML, OAuth, etc.).
5. Three (3) years of experience with secure transport protocols (e.g., SSL, TLS).
6. Three (3) years of experience with identity and access management (e.g., IDAM solutions, certificates, PKI).
7. Two (2) years of prior experience in vulnerability management and its related processes and procedures within a Salesforce application environment.
8. One (1) year of experience with web application programming (i.e., JavaScript, SQL, etc.) and familiarity with OWASP secure coding practices.
9. Two (2) years of experience in vulnerability management and its related processes and procedures, utilizing multiple vulnerability scan tools for both Cloud and On-Prem scenarios (Qualys, Nessus, Rapid7, Cloudaware, Redlock, Whitehat, Burp Suite, Netsparker, etc.).
DESIRED KNOWLEDGE, EXPERIENCE AND SKILLS:
1. Conduct security risk assessments that meet the requirements of NIST 800-53 for state of California systems.
2. Additional year of experience above two (2) years designing and/or coding Salesforce solutions of a similar size and scope.
3. Project building/managing projects in public cloud (AWS, Google Cloud Platform, or Azure).
4. Experience with managing requirements and deployment pipeline Azure DevOps.
5. Experience above two (2) years with Salesforce administration and development; security, standard objects, reports/dashboards, Knowledge, Communities, Chat, data management, and sandbox environments.
6. Using Salesforce.com development tools and techniques such as Apex, custom development, triggers, JavaScript, APIs, JSON, sObjects, SOQL, and SOSL.
7. Salesforce Certifications All certification must be current.
Technical Architect
Application Architect
System Architect
B2B Solution Architect
B2C Solution Architect
*State/Federal experience is highly preferred.
MINIMUM REQUIRED KNOWLEDGE, EXPERIENCE AND SKILLS:
1. Must be a currently certified information security professional possessing one (1) or more of the following credentials (CISM, CISSP, SSCP, GIAC GCUX, GSEC, GCED, GCIH, GCIA, or other equivalent certification.)
2. Four (4) years of experience managing and/or enforcing security compliance standards and regulations (e.g., ISO 27001, PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR, or equivalent industry standard) at an enterprise level.
3. Two (2) years of experience securing Salesforce applications.
4. Four (4) years of experience authentication/authorization frameworks (e.g., SSO, SAML, OAuth, etc.).
5. Three (3) years of experience with secure transport protocols (e.g., SSL, TLS).
6. Three (3) years of experience with identity and access management (e.g., IDAM solutions, certificates, PKI).
7. Two (2) years of prior experience in vulnerability management and its related processes and procedures within a Salesforce application environment.
8. One (1) year of experience with web application programming (i.e., JavaScript, SQL, etc.) and familiarity with OWASP secure coding practices.
9. Two (2) years of experience in vulnerability management and its related processes and procedures, utilizing multiple vulnerability scan tools for both Cloud and On-Prem scenarios (Qualys, Nessus, Rapid7, Cloudaware, Redlock, Whitehat, Burp Suite, Netsparker, etc.).
DESIRED KNOWLEDGE, EXPERIENCE AND SKILLS:
1. Conduct security risk assessments that meet the requirements of NIST 800-53 for state of California systems.
2. Additional year of experience above two (2) years designing and/or coding Salesforce solutions of a similar size and scope.
3. Project building/managing projects in public cloud (AWS, Google Cloud Platform, or Azure).
4. Experience with managing requirements and deployment pipeline Azure DevOps.
5. Experience above two (2) years with Salesforce administration and development; security, standard objects, reports/dashboards, Knowledge, Communities, Chat, data management, and sandbox environments.
6. Using Salesforce.com development tools and techniques such as Apex, custom development, triggers, JavaScript, APIs, JSON, sObjects, SOQL, and SOSL.
7. Salesforce Certifications All certification must be current.
Technical Architect
Application Architect
System Architect
B2B Solution Architect
B2C Solution Architect
*State/Federal experience is highly preferred.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.