Information Security Administrator – CSIRT
Company | Salesforce |
---|---|
Location | McLean, VA, USA |
Salary | Not Provided |
Type | Full-Time |
Degrees | Bachelor’s |
Experience Level | Junior, Mid Level |
Requirements
- 2+ years of prior experience in an IT operations environment or 1+ years of prior specialized security operations experience
- Possess a strong desire to learn
- Strong interest in information security, including awareness of current threats and security best practices
- Knowledge of email security threats and security controls, including analyzing email headers
- Understanding of network fundamentals and common Internet protocols
- Understanding of Mac OS X, Microsoft Windows, and Linux/Unix system administration and security control fundamentals
- Understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS/TLS, and SMTP
- Familiarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.
- Understanding of cloud security principles and experience with leading platforms (GCP, AWS, Azure) and Kubernetes for security
- Understanding of the Software Development Lifecycle (SDLC), including CI/CD pipelines, Terraform, GitHub, and other supporting technologies
- The ability to build strong relationships with peers both internal and external to your functional group, and with peers/professional organizations outside your company
- Strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical audiences
Responsibilities
- As a key member of Global CSIRT, the Incident Responder is on the ‘front lines’ of Salesforce Security, forming part of a group of incident responders that protect our critical infrastructure and our customers’ data from the latest information security threats
- This role also needs exceptional communication skills (verbal and written), and an ability to quickly understand complex information while recognizing familiar elements within complex situations
- This position is based in our 24×7 operations center
- As a result, shift work (including on weekends, as needed) is required
Preferred Qualifications
- Flexibility, drive, integrity, and creative problem-solving skills
- Operational experience with network and host-based intrusion detection and response solutions, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs
- Experience in being part of a project team – demonstrating ability to contribute to projects across teams where influencing skills are required
- Understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)
- Previous experience of collaborating with global teams
- A continuous improvement mindset that actively seeks opportunities to enhance security
- The willingness to apply yourself to learning new skills
- Relevant certifications (CompTIA Security+, BTL1, SANS GCFA, GCIH, etc.) are beneficial.