Salesforce.com has one of the best Information Security teams in the world and growing this piece of the business is a top priority! Our Information Security teams work hand in hand with the business to ensure the highest security around all of our applications. The Information Security team is currently seeking a Computer Security Incident Handler with a passion for Information Security and a strong understanding of Security Monitoring and Incident Response.
As a key member of our growing Security Operations team, the Incident Handler will work on the ‘front lines’ of the Salesforce.com production environment, protecting our critical infrastructure and our customers’ data from the latest information security threats.
The Incident Handler is responsible for executing security operations processes, including real-time analysis of security alert data and assisting in the response to potential security incidents.
This position is based in one of our 24x7x365 operations centers. As a result, shift work between 10am and 8pm EST, including weekends, is required.
- 2-5 years' experience in the Information Security field or a relevant undergraduate or Master’s degree focused on Information Security/Information Assurance.
- Strong technical understanding of network fundamentals and common Internet protocols.
- Strong technical understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.).
- Familiarity with Microsoft Windows and Linux/Unix system administration and security controls.
- Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.
- Operational experience monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs.
- Operational experience responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating e-mail-borne threats such as spam and phishing.
- System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.
- Experience installing/configuring and utilizing network security monitoring devices such as intrusion detection systems, packet capture tools, etc.
- Experience configuring security incident and event management tools (such as ArcSight, Symantec SIM, LogLogic), including creating event filtering and correlation rules and reports.
- Prior experience in a 24x7x365 operations environment.
- Relevant information security certifications, such as CISSP, SANS GCIA, SANS GCIH, SANS GPEN, SANS GCFA, Offensive Security OSCP.
- Familiar with ITIL service management methodology.
Rypple - 19 months ago