Salesforce has one of the best Information Security teams in the world, and growing this piece of the business is a top priority!
Our Information Security teams work hand in hand with the business to ensure the highest security around all of our applications and infrastructure.
CSIRT is a geographically distributed team, responsible for 24x7x365 security monitoring and rapid incident response across all Salesforce environments.
We are the 'tip of the spear' protecting company and customer data from our adversaries.As a key member of our growing Global CSIRT, the Associate Incident Responder is on the 'front lines' of the Salesforce production environment.
You will be contributing to CSIRT projects, conducting threat hunts, and improving core CSIRT workflows and processes.Working hours correspond to our "follow the sun" operating model and shift according to daylight savings during the year.
Applicants must meet all visa requirements to work and live in Australia.REQUIRED SKILLS :Min 2 years of prior specialised security operations experience consisting of:Flexibility, drive, integrity, and creative problem-solving skillsOperational experience with Endpoint Detection and Response (EDR) solutions i.e.
Crowdstrike etc.Operational experience with log analysis platforms i.e.
Splunk, Google Security Operations, Kibana etc.The ability to build strong relationships with peers both internal and external to your functional group, and with peers/professional organisations outside your companyStrong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical audiencesFamiliarity with core concepts of security incident response, e.g., the typical phases of response, vulnerabilities vs threats vs actors, Indicators of Compromise (IoCs), etc.Understanding of network fundamentals and common Internet protocols, specifically DNS, HTTP, HTTPS/TLS, and SMTPUnderstanding of cloud security principles and experience with public cloud (e.g.
AWS, Azure, or GCP)Understanding of Mac OSX, Microsoft Windows, and Linux/Unix system administration and security control fundamentalsStrong interest in information security, including awareness of current threats and security best practicesKnowledge of email security threats and security controls, including analyzing email headersDESIRED SKILLS :Understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.
)Previous experience of collaborating with global teamsWorking proficiency with programming/scripting languages is a plus: i.e.
Python, Bash, Go, PowerShellRelevant information security certifications, such as: BTL1, CERT CSIH, E-Council E|CIH, SANS GCIH, GCFA, GCFE, GX-IH, GX-FA and other related certifications
#J-18808-Ljbffr