Salesforce.com, Inc Security Incident Handler in Dublin, Ireland

Job Category: Products and Technology

Job Details

Security Incident Handler

Responsibilities

Salesforce - the leader in enterprise cloud computing and #1 on Fortune's "Best Companies to Work For" list - is seeking a Security Incident Handler to join one of the world's leading incident response teams.

The security incident response team at Salesforce deals with the most challenging problems in information security. When you're first reading about a new issue in the news, our CSIRT is already working on it! The pace and variety of our work creates a unique learning environment, whether you are starting out or have deep security experience. You will be given hard problems and the tools to solve them, surrounded by exceptional colleagues, and supported by incredibly helpful partner teams.

Security Incident Handlers are responsible for leading the response to lower severity incidents and participating in the response to high severity incidents. Successful incident handlers thrive on challenge, are calm under pressure, and can think on their feet.

This position is based in our Dublin operations centre which operates 5 days per week, weekdays only. Incident handlers also participate in a local on-call rotation for weekends and public holidays, which covers daytime hours only.

Required Skills

  • 2-5 years' experience in information security or closely related roles, with direct experience of security incident response.

  • Ability to manage and constantly triage multiple security incidents, differentiating urgent issues from the merely important.

  • Ability to stand back from a complex problem, logically assess the facts, and formulate a plan of action - even in the worst of situations.

  • Experience managing common types of security incident, e.g., application or OS compromise, endpoint compromise, internal and external data exposure.

  • Familiarity with common threats and issues leading to security incidents, e.g., common forms of malware, credential phishing, "drive by" host compromises, internal data spillage events, and inadvertent data leaks.

  • Host forensics skills, including collecting and analysing system artifacts (file system, memory, running processes, network connections) to assess potential compromise.

  • Superior verbal and written communication skills, including the ability to effectively and clearly communicate complex scenarios to non-technical colleagues.

  • Exceptional technical basics, including networking fundamentals, common application protocols, system architecture, and basics of software development.

  • Strong Linux knowledge, including familiarity with key security controls and preferably some shell scripting experience.

  • Ability to research and learn unfamiliar technologies quickly, adapting existing knowledge and processes to investigate and resolve security issues.

  • Broad information security knowledge, including some familiarity with key regulations and standards relating to security incident response (e.g., PCI-DSS, GDPR, ISO 27001).

Desired Skills

  • Prior experience in a large and complex organisation, operating across numerous locations and with a high degree of change.

  • Experience with complex digital forensic cases or investigations, e.g., those with very large numbers of devices, exceptional data volumes, or unusual data sources.

  • Exceptional log analysis skills, including experience extracting data from complex SQL or Hadoop-type data stores.

  • Experience securing applications and infrastructure in Amazon Web Services and similar IaaS / PaaS platforms.

  • Deep application security knowledge, with the ability to map an application vulnerability to exploitation indications and relevant investigative techniques.

  • Relevant incident response or information security certifications, such as SANS GCIA, SANS GCIH, SANS GCFA, Offensive Security OSCP.

Posting Statement

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work For six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!