Director - Threat & Vulnerability Management

MuleSoft

Job Description

Job Details

As a leader of the Threat and Vulnerability Management [TVM] Team, you will be focused on operational efficiency behind deployment, maintenance, and performance of services supporting vulnerability scanning of Salesforce assets hosted on public cloud (Azure, AWS, and/or GCP).


To be a great fit for this position, you should have experience with supporting mature vulnerability management programs, with securing public cloud environments, and with leading a small team.We are looking for fellow team members that will demonstrate proficiency with adjusting security control implementation strategies for large, ephemeral, and containerized workloads. Experience with vulnerability and configuration scanning products, enterprise-wide implementations, and passion for security with an ability to deliver results is the perfect mix!


Here’s what you’ll do:

Learn and adapt to Salesforce security strategies, security goals, security objectives and security capabilities to provide a mature and effective vulnerability detection methodology


Implement and maintain enterprise-wide vulnerability management infrastructure and platform across first party and public cloud environments


Provide strategies on vulnerability, configuration, and cloud security scanning


Advise on policy creation based on industry benchmarks and Salesforce security practices


Provide technical authority, vision, and guidance to ensure the continued evolution of Salesforce’s (TVM) program


Monitor endpoint security trends and emerging security threats and recommend changes to policy, procedures and tools


Establish strong working relationships with different parts of the business to provide guidance on remediation of findings


Drive operational efficiency and effectiveness for areas of responsibility


Ensure strong documentation, knowledge overlaps, metrics-driven action, emphasize on automation and scalable solutions


Provide direct or indirect management to a team of security professionals to solve complex issues


Work cross-functionally with product management and distributed systems engineering teams to complete large scale projects with impact across the company


Help team members grow in their respective career paths, provide mentorship and guidance


Motivate and champion a strong team culture


Adapt to change quickly and eagerly: changing requirements, changing priorities, changing strategies


Advocate security and secure practices throughout Salesforce


Here’s what you’ll need:

Minimum of a B.S. in Computer Science, MIS, or related degree and seven (7) years of relevant experience including management or leadership experience or a combination of education, training and experience


2+ years of security experience


2+ years of public cloud experience


Thought leader, articulate, consensus builder, and who is persuasive with a demonstrated ability to serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical team members at all levels of the organization


Experience managing a Vulnerability Management or security related program


Strong working knowledge of Vulnerability Management and Security Testing lifecycles, processes, and procedures


Experience with Cloud Security and deploying enterprise-wide controls in Azure (AWS and/or GCP are a plus)


Experience managing client-server architectures


Strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations


Experience troubleshooting issues and providing customer support


Ability to self-motivate when given strategic goals


Ability to translate strategic or operational goals to technical and tactical requirements and architectures


Fundamental understanding of accepted security practices, known attack vectors, and vulnerability assessment methodologies


Strong written and verbal communications (+ asynchronously when working with global teams)


Strong operational knowledge of Linux (scripting is a major plus)


Strong understanding of Information Security principles and technologies


Experience with networks, firewalls, endpoint protection, log management, patch management, and Active Directory


Familiarity with industry blogs, key publications in the field of security, and awareness of any recent significant security events


Security certificates are a plus


FindTheBestJob is a free service and does not charge a fee at any stage of application or recruitment process. Don’t provide your bank account or credit card details to anyone during job application. FindTheBestJob does not guarantee the availability of a job since organizations may end applications earlier than due date.

Apply Now