Salesforce DevSecOps Engineer

Job Title: Salesforce DevSecOps Engineer Location: Remote (USA)
Duration: Fulltime
Position Summary
We are seeking a highly skilled Salesforce DevSecOps Engineer to join our team. The ideal candidate will be responsible for integrating security, development, and operations within our Salesforce ecosystem. This role will focus on automating deployments, ensuring platform security, and enabling efficient, compliant, and scalable Salesforce development practices, particularly across Salesforce Core, Health Cloud, and related managed packages.

Key Responsibilities DevOps & Automation

• Design, implement, and maintain CI/CD pipelines for Salesforce (using tools such as GitHub Actions, Azure DevOps, Jenkins, Copado, Flosum, or Gearset).
• Automate deployments across Salesforce environments (Sandboxes, Scratch Orgs, Production, and Health Cloud environments).
• Manage release automation and metadata deployments using Copado and Flosum for streamlined release governance.
• Monitor, troubleshoot, and optimize release management processes for both standard Salesforce and Health Cloud components.

Security & Compliance

• Integrate security best practices within the Salesforce development lifecycle ( "shift-left security).
• Manage secrets, credentials, and keys using secure vaulting solutions.
• Perform static and dynamic code analysis, vulnerability assessments, and compliance checks.
• Partner with InfoSec and Compliance teams to ensure adherence to HIPAA, GDPR, and SOX regulations, especially for Health Cloud and patient data security.

Operations & Monitoring

• Implement logging, monitoring, and alerting for Salesforce services, integrations, and Health Cloud components.
• Ensure high availability, disaster recovery, and backup strategies for Salesforce environments.
• Support audit activities and prepare documentation for compliance reviews, particularly for Health Cloud security and data privacy.

Collaboration & Enablement

• Work closely with Salesforce Developers, Admins, and Architects to embed DevSecOps practices into the SDLC.
• Provide training and guidance on secure coding, deployment, and DevOps tools such as Copado and Flosum.
• Drive adoption of best practices in branching strategies, version control, and release management.

Qualifications Education & Experience

• Bachelor's degree in Computer Science, Information Security, Engineering, or related field (or equivalent experience).
• 3 7+ years of experience in Salesforce development, DevOps, or cloud security.
• Hands-on experience with Salesforce Health Cloud implementation, deployment, and compliance practices.

Technical Skills

• Strong expertise with Salesforce (Apex, Metadata API, SFDX, LWC, SOQL).
• Proficiency with CI/CD tools (GitHub Actions, Bitbucket Pipelines, Jenkins, Azure DevOps, Copado, Flosum, Gearset).
• Experience with security tools (Snyk, Checkmarx, SonarQube, Salesforce Security Scanner).
• Knowledge of cloud security practices (OAuth, SAML, encryption, API security).
• Familiarity with infrastructure as code (IaC) and containerization (Terraform, Docker, Kubernetes) is a plus.
• Hands-on experience with Git and branching/versioning strategies.

Soft Skills

• Strong problem-solving and troubleshooting abilities.
• Excellent communication and collaboration skills.
• Ability to work in a fast-paced, agile environment.

Preferred Certifications (a plus)

• Salesforce Certified Platform Developer I/II
• Salesforce Certified Health Cloud Accredited Professional
• Salesforce Certified DevOps Center Specialist
• Salesforce Security & Privacy Accreditation
• Certified DevSecOps Professional (CDP)
• AWS/Azure/Google Cloud Platform Security Certifications