Salesforce Security Engineers

Role: Salesforce Security Consultant

Location: Sacramento, CA / Hybrid

Duration: 12 months plus

Must have prior State client Experience

Job Description:

Must be a currently certified information security professional possessing one (1) or more of the following credentials (CISM, CISSP, SSCP, GIAC GCUX, GSEC, GCED, GCIH, GCIA, or other equivalent certification.) "

Four (4) years of experience managing and/or enforcing security compliance standards and regulations (e.g., ISO 27001, PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR, or equivalent industry standard) at an enterprise level."

Two (2) years of experience securing Salesforce applications."

Four (4) years of experience authentication/authorization frameworks (e.g., SSO, SAML, OAuth, etc.)."

Three (3) years of experience with secure transport protocols (e.g., SSL, TLS)."

Three (3) years of experience with identity and access management (e.g., IDAM solutions, certificates, PKI)."

Two (2) years of prior experience in vulnerability management and its related processes and procedures within a Salesforce application environment."

One (1) year of experience with web application programming (i.e., JavaScript, SQL, etc.) and familiarity with OWASP secure coding practices."

Two (2) years of experience in vulnerability management and its related processes and procedures, utilizing multiple vulnerability scan tools for both Cloud and On-Prem scenarios (Qualys, Nessus, Rapid7, Cloudaware, Redlock, Whitehat, Burp Suite, Netsparker, etc.)."

Additional point:

For each project conducting security risk assessments that meet the requirements of NIST 800-53 for state of California systems. "

Per additional year of experience above two (2) years designing and/or coding Salesforce solutions of a similar size and scope"

Per project building/managing projects in public cloud (AWS, GCP, or Azure)."

For each year of experience with managing requirements and deployment pipeline Azure DevOps."

Per additional year of experience above two (2) years with Salesforce administration and development; security, standard objects, reports/dashboards, Knowledge, Communities, Chat, data management, and sandbox environments."

Per project using Salesforce.com development tools and techniques such as Apex, custom development, triggers, JavaScript, APIs, JSON, sObjects, SOQL, and SOSL."

Desirable

Salesforce Certifications – All certification must be current.

•       Technical Architect

•       Application Architect

•       System Architect

•       B2B Solution Architect

•       B2C Solution Architect