To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Software Engineering

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

The Salesforce.com Security IAM team is currently seeking a talented and dynamic Leader who is passionate about Security and Identity & Access Management, to help secure the world’s #1 CRM. As leader in the IAM team, your team will be responsible for designing, building, deploying and maintaining IAM systems as well as recommending optimizations for IAM services at a cloud scale. Our Identity Security Operations team builds and operates a wide range of environments that comprise Salesforce’s large portfolio of services. Our engineers work across a wide range spectrum of technologies, ranging from open-source to Commercial tools & platforms, and multiple cloud substrates (AWS, GCP, etc).

The candidate must demonstrate initiative, ownership, and passion, as well as excellent organizational, leadership, and decision making skills. This position helps drive continuous improvement with a focus on process, controls, scalability, and maturity. This role will have an immediate focus on how IAM services are deployed across First Party & Cloud environments, with a longer term focus on increasing our security posture to enhance our NIST CSF score.

Responsibilities:

The ideal candidate will lead and inspire a team within Security Infrastructure Identity and Access [IAM]. Deliver Security services, drive change, think independently, communicate clearly, and provide recommendations for process, service and automation initiatives on 1P (first party) and Cloud environments.Lead development teams in a full-service ownership model following Agile methodologiesLead DevOps activities for owned services in a 24/7 runtime environment, including driving investigations to resolve root cause and implement solutions.Collaborate with other engineering teams to solve security problems with minimal disruption to other business functions.Hire, train and assess the performance of direct reports according to corporate policies and procedures.Assist in the growth of employees through mentor, training and career development activities.Define goals and timely deliverables for improving any of provisioning/deprovisioning, privileged user management, role based access control (RBAC) entitlement, appropriateness of access and/or IAM services that are needed to support our business internally or externally.In conjunction with our engineering teams, work with partners & team members to design/architect, test, deploy and operate our IAM stack. You will partner with other business units, to deliver one enterprise identity solution for Salesforce.Drive design and implementation of innovative distributed software platforms for continuous assessment of security posture of the code and third-party packages used by Salesforce engineers

Required Skills/Experience:

3+ years of experience in managing identity and access management teams.Proficiency with IAM tools such as Okta, SailPoint, Azure AD, CyberArk, ForgeRock, etc.Strong knowledge of authentication standards (SAML, OIDC, OAuth2).Experience with identity lifecycle management and governance frameworks.Familiarity with directory services (LDAP, AD), scripting (PowerShell, Python), and APIs.Understanding of compliance frameworks (e.g., NIST, ISO 27001).Knowledge of automation/scripting languages and CI/CD processes including GoLang, Python (and/or Terraform, Spinnaker, JSON, Puppet).Proven experience driving Software Engineering Excellence practices.Proven experience in driving engineering excellence, showcasing strategic technical insight and driving technical partnershipsExperience in consumption of Web Services APIs (JSON / XML, etc.).Experience in multi-tiered mission-critical systems, cloud environments (Amazon AWS, Microsoft Azure, GCP)Solid experience in a high-availability 24x7x365 environment with highly structured change managementStrong technical understanding of systems, network, and identity fundamentals.Knowledge and experience with Identity and Access Management technologies and concepts.

Desired Skills/Experience:

Knowledge of classic auth platforms: (Kerberos, LDAP, Radius, Tacacs+, etc.).Knowledge of federation platforms/protocols (Oauth, OpenID, SAML, WS-Fed, etc.)Working experience with Commercial/enterprise IAM platforms (Ping Identity, Active Directory, etc.) or Open Source (OpenLDAP, OpenDJ, etc.).Experience with cloud scale Identity, Access Management (Single Sign-On/Multi Factor Authentication), Authorization services or design and architecture of IAM services


*LI-Y

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

In the United States, compensation offered will be determined by factors such as location, job level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, and benefits. Salesforce offers a variety of benefits to help you live well including: time off programs, medical, dental, vision, mental health support, paid parental leave, life and disability insurance, 401(k), and an employee stock purchasing program. More details about company benefits can be found at the following link: https://www.salesforcebenefits.com.

For Washington-based roles, the base salary hiring range for this position is $184,000 to $253,000.