Salesforce.com is currently seeking a DevOps Security Engineer who is passionate about security, and has had hands-on experience with multiple types of infrastructure (on prem & cloud). Salesforce.com's Infrastructure Security group manages a fast-paced and constantly growing environment that seeks to implement cutting-edge technology to secure the infrastructure behind one of the world's largest business driving technologies. Level offered will be dependent on experience & knowledge.

Responsibilities:

• Work as part of our Access Control team within the Security IAM (Identity & Access Management) Engineering organization to design and deliver automated identity and governance solutions across multiple security systems in different technology substrates (1P, AWS, Azure, GCP), to ensure compliance processes run smoothly.
• Design & deliver solutions for complex access requests, ensuring our lifecycle management products cater appropriately for new and existing entitlement types in an automated and efficient manner, as per security policy.
• Work in Agile framework to identify and automate solutions that result in time savings in the area of Identity & Lifecycle Management (using Python, GoLang).
• Work as part of our Compliance & Access Control team to assist with audits of entitlements, appropriateness of access and Quarterly Access Reviews, as defined by our Identity & Access Management Policies.
• Assist with audit & compliance reviews, evidence collection and pre-certification testing, ensuring timelines are met for Compliance Certifications (e.g. SOX, SOC, SOC2) at the required cadence.
• Partner with the GRC (Governance Risk & Compliance) team and internal & external auditors, to ensure all new automation, controls and processes are reviewed for accuracy and appropriateness.
• Partner with various business units to assist in their onboarding to Identity Governance tooling and automation, as built by the Access Control & Security IAM Engineering teams.
• This is a full-time position at our engineering office in Dublin.

Required Skills/Experience:

• BS/BEng/BTech degree, or equivalent work experience.
• 2+ years scripting/automation experience (Python).
• Excellent analytical, conceptual, problem-solving skills in addition to excellent attention to detail.
• Self-starting, proactive and organized, as well as being capable of long-term thinking.
• Passion for scaling systems and software, reducing manual activities, and a growth mindset.
• Operating knowledge of
• Knowledge of Compliance Certifications (SOX, SOC, SOC2)
• Strong technical understanding of systems, networking and identity fundamentals.
• Understanding of Agile development methodologies and principles.

Additional Desired Skills:

• Experience with Linux, Windows, GIThub, Cloud scale Identity, Access Management (Single Sign-On/Multi Factor Authentication), Authorization services or design and architecture of IAM services
• Knowledge of authentication platforms: Kerberos, LDAP, Radius, AD.
• Federation platforms/protocols: Oauth, OpenID, SAML, WS-Fed, etc.
• Working experience with commercial/enterprise IAM platforms: Ping Identity, Active Directory or Open Source: OpenLDAP, OpenDJ.
• Experience in consumption of Web Service APIs: JSON / XML.
• Experience of the Salesforce Platform.
• Knowledge of Terraform, Spinnaker, JSON, Puppet, etc.
• Security specific certifications e.g. CISSP, CISM.
• Operating knowledge of Lifecycle Management or Access Provisioning Systems,
• Compliance Certification knowledge e.g. FedRAMP, NIST CSF Security Scoring.