Product Security Operations Associate

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Job Details

About Salesforce

We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place.

Product Security Operations Associate

Trust is the #1 company value at Salesforce. It's not just words or a slogan: it's part of the beating heart of the company that everyone contributes to daily. Delivering new capabilities is one thing, but we must do so while protecting and earning our customer's trust. We integrate this mindset into everything we do to offer our customers world-class security at every turn.

The Salesforce Product Security organization seeks to consistently and sustainably drive down risk and comply with standards, regulations, and certifications across our entire product landscape- no matter how it evolves in the future. The Product Security organization is seeking an experienced Business Operations Associate to serve as part of the organization's center of excellence for business operations and strategy execution. You will serve in a critical role that defines and maintains operational mechanisms that drive the communications, program execution, resourcing, and financial spend across the organization to achieve our business and security objectives. You will assist in driving the Risk Governance program, executing on a standardized risk hierarchy and framework for organizational consistency and clarity. As part of the program, you will consistently execute strategies that minimize overhead, enhance efficiency, align with the Common Controls Framework, and centralize risk tracking for unified visibility and informed decisions.

You will maintain a cohesive vision and operational strategy across a growing organization. Product Security consists of many security and compliance leaders supporting our 10+ products, as well as other strategic functions that surface risk telemetry, data, and prioritization criteria across our products. As part of the business operations center for this team, you have both the technical and strategic skills to articulate and execute the organization's vision across all team functions and engage with Security partners, cross-business stakeholders, and senior executives.

You will be primarily responsible for:

• Collaborate with internal and external stakeholders in the Risk Governance program to drive toward milestones and ensure on time delivery. This includes running enablement, documentation management, and risk analysis to ensure adherence to risk frameworks and management processes.

• Maintain rhythm of monitoring and reporting mechanisms to communicate team progress, risks, and blockers to various stakeholders and executives through both short- and long-term lenses.

• Oversee strategic Product Security initiatives from development through successful execution under the guidance of senior leadership and stakeholders.

• Act as business liaison to key inter- and cross-business stakeholders and represent strategy, recommendations, and go-forward activities with Product Security priorities in mind.

• Develop and champion internal resources that illustrate the operational frameworks of Product Security to enable effective cross-team collaboration with partner organizations.

• Execute and maintain team communication strategies.

• Track and manage key performance indicators to measure program performance and development.

• Improve current processes and coordinate organizational procedures for optimized efficiency and productivity.

• Maintain cadence of organizational meetings-including managing the agenda and deliverables.

• Cultivate effective, trusted relationships within Product Security.

• Demonstrate active listening in every engagement in order to hear the other person's needs and either deliver accordingly, or kindly reset expectations of the true state of affairs.

Required Skills & Experiences:

• 4+ years in a business or executive management, technology business operations, or related role.

• 2+ years of experience with Information Security, whether it be governance, risk management, detection logging, vulnerability scanning, or others.

• Bachelor's degree or experience in a related field.

• Assessing security risks in cloud environments, including IAM, detection and monitoring, CI/CD security, configuration management, container security, and vulnerability management.

• Strong knowledge of security frameworks (e.g., NIST CSF, NIST SP 800-53, CIS RAM, ISO 27001), compliance regulations, and security best practices for cloud environments.

• Familiarity with cloud-native application architectures and security considerations.

• Excellent communication, collaboration, and interpersonal skills enabling effective communication of complex technical concepts to technical and non-technical stakeholders, partners, and leadership.

• Proven experience organizing and coordinating across multiple teams and departments.

• Extremely versatile, dedicated to ruthless efficiency and productivity.

• Demonstrated experience planning and driving strategic Information Security initiatives, designing and implementing data analytics strategies.

• Strong project reporting skills, with a focus on executive communications.

• Ability to work independently with minimal supervision, while appropriately escalating complex issues and proposed solutions for more challenging matters.

• Ability to analyze and respond to new, unfamiliar information quickly.

Desired Skills & Experiences:

• Relevant certifications such as Professional CISA, CISSP, CISM, AWS Solutions Architect, CCSP, or equivalent

• Consulting experience with a focus on operations management.

• Ability to communicate complex concepts clearly and persuasively across different audiences and varying levels of the organization.

• Self-directed and process-oriented, with experience in hitting milestones with dates

• Customer-focused: you know how to balance your "get it done" attitude with diplomacy to be able to work effectively across different teams and at all levels

• Proven ability to prioritize initiatives utilizing data from multiple input sources, while staying aligned with the bigger picture.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that's inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.