topjob

Security GRC (Senior) Manager en Madrid

Descripción del empleo

Job Details

Come join the Security Governance, Risk, and Compliance (GRC) team at Salesforce! Grounded in Salesforce’s core values of Trust, Customer Success, Innovation, and Equality, this team works across Salesforce to deliver sustainable, world-class compliance solutions that protect the company and enable the success of our customers and Salesforce.

The Security GRC team is responsible for helping Salesforce achieve and maintain authorizations and certifications that enable Salesforce services to be used across the world. Specifically, this team is responsible for advisory, readiness, audit, and continuous monitoring programs for Salesforce business and activities across the globe. You will be directly involved in shaping compliance programs at Salesforce.

In this role, you will work with a team of subject matter experts from multiple disciplines and countries to help define and deliver on the compliance needs of the business. You will be helping Salesforce deliver and support new compliance offerings for our customers. This role is focused on cultivating relationships with certification accreditation bodies, developing a strong understanding of customer requirements and expectations, delivering expert guidance to Salesforce teams as they work to satisfy government expectations, and supporting ongoing activities required to achieve and maintain industry authorizations and certifications. This role requires a knowledge and understanding of compliance frameworks such as Spain ENS and ISO 27001/27017/27018. Knowledge of additional commercial compliance frameworks such as SOC, NIST Risk Management Framework, and NIST Special Publication 800-53 is a plus.

Success will be measured by your ability to assist with the execution of various stages of the audit cycle for international certifications including planning, readiness, evidence collection, testing, and reporting; assist with the completion of high-quality work products including project plans, work papers, evidence checklists, and audit reports; work collaboratively and establish strong connections with various members of the Security GRC organization, consulting partners, external auditors, regulators and business partners in various regions, and serve as an advisor to the business; demonstrate eagerness, and intellectual curiosity to learn more about Salesforce services, cybersecurity concepts, and compliance frameworks; stay flexible to change, be agile to deliver, and keep up with the latest trends in the market. You will also co-author and manage your annual work planning via an annual corporate-aligned planner.

Responsibilities:

  • Serve as a primary point of contact for Spanish compliance programs and cultivate strong working relations with European government regulators, accreditation bodies, and authorized auditing firms alongside other Security GRC Orchestration team members.

  • Manage the overall execution of compliance programs aimed at achieving and maintaining Spanish government accreditations and certifications.

  • Develop, maintain, and deliver Salesforce compliance accreditation materials in support of Spanish and other European government accreditations and certifications.

  • Proactively evaluate and advise the business on new and evolving certification programs, requirements, and technologies.

  • Maintain an in-depth understanding of key European public sector compliance requirements, standards, guidance, and interpretations.

  • Deliver accurate and actionable compliance guidance and direction to internal stakeholders.

  • Effectively communicate execution status, key accomplishments, and risks that impact Salesforce’s ability to achieve or maintain compliance accreditations or certifications to Salesforce leadership.

  • Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency.

  • Collaborate with cross-functional team members to gather evidence in support of internal and external assessments and audits.

  • Work with external auditors.

  • Required Skills:

  • Citizen of the European Union

  • Verbal and written fluency in English and Spanish

  • 10+ years of related compliance and/or security experience

  • Strong working knowledge of risk management frameworks

  • Detailed working knowledge and prior experience in audit execution of ISO 27001/17/18 and Spain ENS requirements

  • Detailed working knowledge of European compliance frameworks and requirements

  • Experience working with European government regulators and accreditation bodies

  • Ability to operate autonomously and lead meetings and projects with minimal guidance

  • Analytical thinker, highly organized, detail-oriented, ability to multi-task

  • A proactive goal achiever who innovates to go above and beyond expectations to get the job done and is comfortable working in a fast-paced, dynamic environment incorporating constant change as we grow

  • An up-to-date functioning understanding of current Cyber Security trends

  • Preferred Skills:

  • BS degree in Management Information Systems, Computer Science, or equivalent experience 

  • Passion for the success of the Salesforce Ohana (colleagues, customers, and partners), Security GRC, and delivering innovative programs that reinforce Salesforce's focus on Trust.

  • Prior experience in audit execution of one or more of following compliance frameworks - SOX, SOC, PCI DSS, NIST, FedRAMP, and regional certifications such as Germany C5, Japan PrivacyMark, Japan CS Gold, Australia iRAP, UK Cyber Essentials, Netherlands NEN7510, France ASIP Sante HDS, etc.

  • Supporting certifications (e.g., CISA, CRISC, CISSP)

  • Experience working in large-scale, global organizations

  • Excellent interpersonal and negotiation skills

  • Very strong written and verbal communication and presentation skills

  • Ability to build relationships, motivate people, instill accountability, and drive results

  • Experience working with cloud computing companies and/or technologies

  • Agile, proactive, and comfortable working in ambiguous situations

  • *

    Información extra

    Status
    Activa
    Estudios requeridos
    Otros
    Localización
    Madrid
    Horas a la semana
    8 - 40
    Tipo de contrato
    Tiempo completo
    Publicado el
    06-04-2021
    Tipo de trabajo
    Marketing / Publicidad
    Carnet de conducir
    No
    Vehículo
    No
    Carta de motivación
    No
    Idiomas
    Inglés

    Topjob | Madrid | Trabajo de marketing | Tiempo completo | Otros

    Solicita ya

    Compartir esta oferta