CSIRT OR Incident Response Engineer with TS/SCI (onsite Northern Virginia)
Company: Salesforce
Location: Herndon
Posted on: January 26, 2023
Job Description:
To get the best candidate experience, please consider applying
for a maximum of 3 roles within 12 months to ensure you are not
duplicating efforts.Job CategoryProducts and TechnologyJob
DetailsCSIRT- TS/SCIOn Site Location: Northern VirginiaPLEASE
NOTE:Qualification for this job is contingent upon acceptable
results from a background investigation as well as your obtaining
and maintaining the specific level U.S. government background
investigation required for this role. -Salesforce has one of the
best Information Security teams in the world and growing this piece
of the business is a top priority! Our Information Security teams
work hand in hand with the business to ensure the highest security
around all of our applications. The Blackjack Public Computer
Security Incident Response Team (CSIRT) is responsible for 24x7x365
security monitoring and rapid incident response across all
Blackjack Public Cloud Salesforce and acquisition environments.
This team protects the confidentiality, integrity, and availability
of company and customer data.As a key member of our growing
Blackjack Cloud, the CSIRT expert will work on the 'front lines' of
the Salesforce Government Cloud environment, leading a team that
protects our critical infrastructure and our customers' data from
the latest information security threats.The CSIRT is responsible
for security operations, including real-time analysis of security
alert data and leading the response to potential security
incidents. Incident Handlers will also work on compliance projects,
and improvements to detection and incident response capabilities.
We have a strong team environment where knowledge sharing is
encouraged.This position is based in our 24x7 operations center. As
a result, shift work (including on weekends, as needed) is
required.Requirements:
- Active TS/SCI clearance
- A related technical degree required
- Strong problem solving ability to determine solutions to
encountered or anticipated challenges
- Robust technical understanding of the information security
threat landscape (attack vectors and tools, best practices for
securing systems and networks, etc.).
- Drive incidents to resolution with an appropriate sense of
urgency
- Strong interpersonal and communication skills required for
coordinating responses to sophisticated incidents across the
organization with many stakeholders
- Ability to lead time and professional interactions well
- Ability to deliver quality work products with ambitious
deadlines while balancing multiple priorities
- Must have strong verbal and written communication skills;
ability to communicate optimally and clearly to both technical and
non-technical staff.
- Technical security background and understanding of network
fundamentals and common Internet protocols.
- Technical understanding of AWS or GCP administration and
security controls.
- Familiarity with incident response and security operations
within public cloud environments.
- The ability to lead the response to high priority, high
transparency operational security issues.
- 7+ years experience in the Information Security field.
- Prior experience in a fast paced operational environment
- Professional demeanor even in high stress situationsDesired
Skills:
- Operational experience monitoring devices such as network and
host-based intrusion detection systems, web application firewalls,
database security monitoring systems, firewalls/routers/switches,
proxy servers, antivirus systems, file integrity monitoring tools,
and operating system logs.
- Operational experience responding to security incidents in a
production environment, such as investigating and remediating
possible endpoint malware infections.
- System forensics/investigation skills, including analyzing
system artifacts (file system, memory, running processes, network
connections) for indicators of infection/compromise.
- Openness to shift work in a 24x7x365 operations
environment.
- Relevant information security certifications, such as CISSP,
CERT CSIH, GCIH or other SANS certifications.*LI-YQualification for
this job is contingent upon acceptable results from a background
investigation as well as your obtaining and maintaining the
specific level of U.S. Government security clearance required for
this role. U.S. citizenshipAccommodationsIf you require assistance
due to a disability applying for open positions please submit a
request via this .Posting StatementAt Salesforce we believe that
the business of business is to improve the state of our world. Each
of us has a responsibility to drive Equality in our communities and
workplaces. We are committed to creating a workforce that reflects
society through inclusive programs and initiatives such as equal
pay, employee resource groups, inclusive benefits, and more. Learn
more about Equality at Salesforce and explore our benefits.. and
are Equal Employment Opportunity and Affirmative Action Employers.
Qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, sexual orientation,
gender perception or identity, national origin, age, marital
status, protected veteran status, or disability status.. and do not
accept unsolicited headhunter and agency resumes.. and will not pay
any third-party agency or company that does not have a signed
agreement with. or .Salesforce welcomes all.
Keywords: Salesforce, Germantown , CSIRT OR Incident Response Engineer with TS/SCI (onsite Northern Virginia), Engineering , Herndon, Maryland
Didn't find what you're looking for? Search again!
Loading more jobs...