DevSecOps Engineer - Salesforce, MuleSoft

As a Platform Security Engineer (Salesforce), you will:

• Secure the Salesforce & Mulesoft Platform: Implement best practices to ensure Salesforce applications are "secure by design" and "secure by default," protecting sensitive data and workflows.
• Experience leveraging Salesforce out of box tools for security enforcing capabilities including but not limited to access control, encryption, threat modeling, vulnerability management and applying industry best practices.
• Provide guidelines on usage of AppExchange / Vendor products versus using out of box capabilities with keen eye for cybersecurity risk.
• Risk Identification & Mitigation: Proactively identify security risks across the Salesforce ecosystem and implement solutions to address vulnerabilities.
• DevSecOps Enablement: Drive DevSecOps practices within the organization by embedding security into the development lifecycle of Salesforce applications. Secure Mulesoft integrations with applications.
• Collaboration with Stakeholders: Partner with various customer portfolio teams to influence their roadmaps, ensuring security is a foundational element in their strategies.
• Data Security & Compliance: Ensure compliance with data protection regulations and implement robust data security measures within Salesforce and integrated systems.
• Cloud Integration Expertise: Leverage your knowledge of AWS to secure integrations between Salesforce, Mulesoft, AWS and cloud-based services.
• Continuous Improvement: Stay up-to-date on emerging threats, trends, and technologies in application security to continuously improve our security posture.
• Communication & Advocacy: Act as a trusted advisor on security matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders.

Qualifications:

• Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
• 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
• Strong experience with Salesforce architecture, development, and administration with a focus on platform security (e.g., profiles, roles, permissions, encryption).
• Demonstrated ability to integrate security practices into CI/CD pipelines for Salesforce applications.
• Hands-on experience with AWS services (e.g., IAM, S3, Lambda) and securing cloud integrations.
• Proficiency in data protection techniques such as encryption, tokenization, and access controls.

Soft Skills:

• Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
• Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.