About
Read on to fully understand what this job requires in terms of skills and experience. If you are a good match, make an application.
The Computer Security Incident Response Team (CSIRT) is the frontline of defense for Salesforce and is responsible for 24x7x365 security monitoring, security operations, real-time analysis of security alert data, and rapid incident response across multiple Salesforce environments. This team protects the confidentiality, integrity, and availability of company and customer data.
As a key member of our growing team, the incident responder will work on the ‘front lines’ of the Salesforce environment, working with a team that protects our critical infrastructure and our customers' data from the latest information security threats.
Responsibilities
The Associate Incident Responder, CSIRT will be part of the monitoring and triage arm of Salesforce CSIRT, responsible for analysing events across a large and complex environment in order to identify security incidents and protect our customers.
Incident Responders use their exceptional judgment and security expertise to distinguish real threats from "noise". In a typical hour, an Incident Responder might examine a malicious email, investigate an unusual login, and analyze a PC with a potential malware issue. Between these events, they will interact with Salesforce colleagues around the world, who contact Salesforce Security with issues ranging from missing laptops to suspicious devices found in our offices.
A successful Incident Responder will have acute attention to detail and a logical approach to analysis and problem-solving. This role also needs exceptional communication skills (verbal and written), and an ability to quickly understand complex information while recognizing familiar elements within complex situations. The ideal candidate should have an interest in developing automation and exploring AI for operations and response.
Required Skills
Strong interest in information security, including awareness of current threats and security best practices
Understanding of Windows, Linux, and Mac operating systems, and command-line tools.
Expertise in a few core IR skills (incident response, network security, storage and access security, sandboxing, compute security, etc.)
In-depth understanding of network fundamentals and common Internet protocols, such as DNS, HTTP, HTTPS / TLS, and SMTP
Knowledge of analyzing network traffic logs, to investigate either security issues or complex operational issues
Knowledge of email security threats and security controls, including analyzing email headers
Foundational understanding of cloud security principles and experience with leading platforms (GCP, AWS, Azure) and Kubernetes for security.
A continuous improvement mindset that actively seeks opportunities to enhance security practices, tools, and methodologies, while incorporating automation and innovative solutions.
Self-motivated, with excellent communication and collaboration skills to work effectively in a team and engage with stakeholders.
Desired Skills & Experience
Bachelor's/Master's degree in Computer Science, Cybersecurity, or a related field.
Knowledge of XSOAR, EDR, and SIEM tools would be a plus.
Scripting language (e.g. Bash, Python, PowerShell, etc.) or any automation experience/prompt engineering.
Familiarity with OWASP's Top 10 vulnerabilities and experience in mitigating them.
Foundational understanding of GenAI/AgenticAI
Prior experience in a fast-paced operational environment.
Possessing a strong understanding of the MITRE ATT&CK framework and the ability to apply its tactics, techniques, and procedures (TTPs) is highly beneficial for conducting comprehensive case triage and investigation.
Relevant certifications (CompTIA Security+, Security Blue Team, GIAC GCFA, GCIH, etc.) are beneficial.
Language skills
- English
Notice to users
This offer comes from a TieTalent partner platform. Click "Apply now" to submit your application directly on their site.