Security GRC Manager

Salesforce

3.8

(114)

Dublin, Ireland

Why you should apply for a job to Salesforce:

  • 63% say women are treated fairly and equally to men
  • 70% would recommend this company to other women
  • 81% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.
  • Time off and leaves
  • Perks, such as discounts, commuter benefits & educational reimbursement
  • Mental health, parenting and childcare resources
  • #JR254892

    Position summary

    supports sales growth as well as our #1 core value of Trust. The role will be focused on evaluating technology controls, performing audit readiness, and acting as a compliance subject matter expert to the business. This role will also work directly with all aspects of the Security Governance, Risk and Compliance organization on current and future capabilities that could affect the compliance of our products, with a particular focus on compliance and regulation impacting the EMEA region.

    This successful candidate will work with the business at all organizational layers, so it will be important to :
    -be a strong communicator who excels at explaining complex technology to diverse audiences (across varying technical and business backgrounds) in a way that fosters understanding and ownership.
    -demonstrate flexibility in approach, communication style and depth of understanding
    -be innovative, creative and bring strategic thinking, as this role will assist business and technical partners in designing scalable, sustainable approaches to satisfying our regulatory requirements
    -demonstrate an ability to build influence and evangelize for new initiatives among stakeholders in multiple organizations
    -have an unflappable demeanor and grace under pressure.

    As a result of the Company's on-demand application service technologies and "software-as-a-service" business model, the Security GRC team often confronts novel and challenging compliance issues. The successful candidate must be comfortable working in a very fast-paced and constantly changing environment.

    EMEA GRC Security Compliance
    The EMEA GRC Security Compliance team is responsible for the execution, facilitation and management of Security Compliance certification programs across the company that our customers depend on. This role has a global reach and directly supports sales growth as well as our #1 core value of Trust. The successful candidate will be heavily focused on performing audit readiness, evaluating technology controls and running audits for these security compliance certification programs, primarily ISO 27001/17/18, NEN, HDS and ENS along with regional contractual and regulatory requirements including DORA, NIS-2 and UK CyberEssentials+. Knowledge and understanding of other industry certifications such as SOC1/2/3, HIPAA, PCI, HITRUST, C5, will be a distinct advantage.

    Impact - Responsibilities:

    • Plan, coordinate and execute work assignments with process/control owners and external auditors

    • Perform compliance readiness testing, document results, and provide updates to the Security management, and internal partners (Engineering, Sales, Product Management, Legal, etc.)

    • Manage the timely and high-quality execution of GRC milestones.

    • Advise process & control owners with the preparation and on-going maintenance of controls and control documentation (e.g., policies, procedures, control narratives, and responsibility matrices)

    • Proactively identify gaps or conflicts in existing policies and processes and work to develop solutions with internal business partners.

    • Assist with and drive remediation of process and control deficiencies and gaps identified internally and externally

    • Educate and train process/control owners so they better understand the security controls framework and their responsibilities

    • Evaluate and advise on new and evolving certification programs and technology.

    • Build strong relationships with business partners and facilitate continuous improvement aligned with operational processes.

    • Effectively communicate program execution status, key accomplishments, and risks to senior management both within Security and to our business partners.

    Minimum Qualifications:

    • BA or BS in Computer Science or any related subject area, and 5+ years of experience

    • In-Depth technical background with a good understanding of security concepts and practical usage (Network Engineering, Network Security, Threat and Vulnerability Management, Database, SDLC, and Release Management)

    • Knowledge of, or experience working with, Cloud technologies/environments, including evaluating and implementing controls on Infrastructure as a Service (IaaS) environments

    • Knowledge and understanding of other industry certifications and regulations such as SOC1/2/3, HIPAA, PCI, HITRUST, C5, SOX will be a distinct advantage.

    • Possess a "can do" mentality - demonstrate resilience, persistence, curiosity and constant willingness to improve.

    • Proven security experience in IT audit or advisory

    Required Qualifications:

    • Analytical problem solver with strong organizational skills; attention to detail is a must

    • Ability to work efficiently with minimal oversight/direction

    • Excellent written and verbal communication skills; ability to effectively communicate across all levels of the Company

    • Strong cross team collaboration skills

    • Ability to travel up to 10%

    Preferred Qualifications:

    • Certifications : ISO 27001:2022 Lead auditor or Lead Implementer certified highly desirable.

    • CISA, CCSK preferred

    • Optional CISSP, CRISC

    Accommodations

    If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

    Posting Statement

    At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at https://www.equality.com and explore our company benefits at https://www.salesforcebenefits.com.

    Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

    Salesforce welcomes all.

    Why you should apply for a job to Salesforce:

  • 63% say women are treated fairly and equally to men
  • 70% would recommend this company to other women
  • 81% say the CEO supports gender diversity
  • Ratings are based on anonymous reviews by Fairygodboss members.
  • Time off and leaves
  • Perks, such as discounts, commuter benefits & educational reimbursement
  • Mental health, parenting and childcare resources