Monday, August 28, 2023 at 10:18:51 PM Coordinated Universal Time
United States, Washington, Seattle


10,001+ employees · Software Development

About the job

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category Products and Technology Job Details

Trust is the #1 company value at Salesforce. Salesforce has one of the best Information Security teams in the world and growing this piece of the business is a top priority! Our Information Security teams work hand in hand with the business to ensure the highest security around all of our applications. The Salesforce Security Response Center (SSRC) is responsible for 24x7x365 security monitoring and rapid response to security events across all Salesforce environments. We are the ‘tip of the spear’ and the last line of defense protecting the company and customer data from our adversaries.


The VP of SSRC is responsible for leading a global response center comprising multiple operational teams focusing on ensuring Salesforce remains the world’s most trusted customer relationship management platform. The leader helps grow a team of world-class team incident handlers, security event analysts, and product security engineers. To this leader, there are no such things as impossible problems but opportunities and challenges to be overcome with a smile.

Specifically, the VP of SSRC is responsible for all SSRC operations, including:

  • Recruiting, managing, and growing a team of high-performing team incident handlers, security event analysts, and product security engineers , including performance management, career development, mentoring, and training.
  • Establishing strategic plans and objectives for security response, working within corporate strategic initiatives. Responsible for the success of the org.
  • Ensuring operational excellence across all operational teams.
  • Owning and maintaining the Salesforce Security Response Plan and supporting processes.
  • Overseeing significant projects, focused on enhancements to detection and incident response capabilities and other improvements to monitoring and response workflow/process/documentation.
  • Ensuring flawless execution of the incident resolution process, with transparent communication that drives very high levels of internal/external customer satisfaction
  • Overseeing the creation and execution of the incident response strategy and actions for individual security incidents.
  • Ensuring the company is properly prepared to respond to the top threats to the company.
  • Ensuring proper resourcing assigned to the incident and ensuring the incident is receiving the proper support to drive resolution as quickly as possible.
  • Representing Security as the initial single on-point contact for any confirmed or potential high severity incidents and vulnerabilities to company executives.
  • Ensuring all agreed-to operational policies and procedures are adhered to and championing the incident response process.
  • Ensuring the improvement of the security response process based on lessons learned.
  • Removing obstacles/resolving conflicts effectively leveraging influencing skills.
  • Promoting a culture of collaboration and teamwork across org boundaries. Building a broad base of support among key decision-makers and influencers.
  • Making timely decisions, balancing analysis with decisiveness.
  • Modeling and inspiring high levels of integrity and holding others accountable for the same.
  • Creating an environment that encourages innovation, risk-taking, and voicing concerns.
  • Creating a clear and compelling vision of the future inspires followership.

Required Skills

  • 10+ yrs relevant functional experience; at least six leading large, complex organizations.
  • The ability to build & lead a high-performing global team of experts in the field of security monitoring, triage, and incident/vulnerability response.
  • Operational experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating e-mail-borne threats such as spam and phishing.
  • Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
  • The ability to build solid relationships with peers both internal and external to your functional group, and with peers/professional organizations outside your company.
  • The ability to recruit, train and retain highly qualified leaders in incident and vulnerability response.
  • Strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical audiences.
  • Strong technical understanding of incident response and security operations within public cloud environments (e.g. AWS, Azure, or GCP)

Great Things To Have

  • Familiarity and working experience with the Salesforce ecosystem is a significant plus.
  • Relevant information security certifications, such as CISSP, SANS GCIA, SANS GCIH, SANS GPEN, SANS GFCA, and Offensive Security OSCP.


If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org .

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.