Lead Incident Responder

Salesforce

19d ago

  • Job
    Full-time
    Senior Level
  • Software Engineering
    IT & Cybersecurity
  • Dublin

AI generated summary

  • You need 5-7 years in security incident response, deep Salesforce knowledge, strong communication skills, log analysis expertise, cloud security experience, and relevant certifications.
  • You will lead complex incident investigations, perform advanced forensics and log analysis, create documentation, train peers, conduct customer calls, and assist with regulatory compliance and reporting.

Requirements

  • 5-7 years experience in information security or closely related roles, with direct experience in security incident response.
  • Deep understanding of Salesforce Platform.
  • Ability to manage and constantly triage multiple security incidents, differentiating urgent issues from the merely important.
  • Ability to meet with customers and communicate complex technical concepts to a non-technical audience.
  • Ability to stand back from a complex problem, logically assess the facts, and formulate a plan of action - even in the worst of situations.
  • Experience managing common types of security incidents, e.g., application or OS compromise, endpoint compromise, internal and external data exposure.
  • Familiarity with common threats and issues leading to security incidents, e.g., common forms of malware, credential phishing, "drive by" host compromises, internal data spillage events, and inadvertent data leaks.
  • Superior verbal and written communication skills, including the ability to effectively and clearly communicate complex scenarios to non-technical colleagues.
  • Exceptional technical basics, including networking fundamentals, common application protocols, system architecture, and basics of software development.
  • Strong Linux and macOS knowledge, including familiarity with key security controls and preferably some shell scripting experience.
  • Exceptional log analysis skills, including experience extracting data from complex SQL or Hadoop-type data stores.
  • Ability to research and learn unfamiliar technologies quickly, adapting existing knowledge and processes to investigate and resolve security issues.
  • Broad information security knowledge, including some familiarity with key regulations and standards relating to security incident response, as well as regional privacy and regulatory guidelines (e.g., PCI-DSS, GDPR, ISO 27001, DORA).
  • Salesforce Admin certified.
  • 3-5 years E-commerce security experience.
  • Prior experience in a large and complex organization, operating across numerous locations and with a high degree of change.
  • Experience with complex digital forensic cases or investigations, e.g., those with very large numbers of devices, exceptional data volumes, or unusual data sources.
  • Experience securing applications and infrastructure in Amazon Web Services, Google Cloud Platform, and/or Azure.
  • Deep application security knowledge, with the ability to map an application vulnerability to exploitation indications and relevant investigative techniques.
  • Relevant incident response or information security certifications, such as SANS GCIA, SANS GCIH, SANS GCFA, SANS GNFA, Offensive Security OSCP.

Responsibilities

  • Provide advanced technical knowledge to incident responders to aid in the identification and containment of incidents.
  • Function as a technical lead on complex investigations, coordinating with stakeholder technical SMEs.
  • Analyze large or complicated evidence items from security incidents and synthesize the results to aid in progressing incidents.
  • Perform advanced host and network forensics.
  • Perform advanced log analysis using a variety of tools.
  • Create detailed timelines and other supporting documentation.
  • Review peers' and individual contributors' work, and train peers and individual contributors on advanced analysis techniques.
  • Lead customer calls related to customer-owned incidents.
  • Work with partner teams to provide technical analysis of cases to assist in the development of mitigation and detection techniques.
  • Lead efforts to assist customers in complying with regulatory notifications and provide valuable information on threat actor tactics for DORA.
  • Turn technical analysis into high-quality incident after-action reports to include Root Cause assessment for DORA customers.

FAQs

What is the job title for this position?

The job title for this position is Lead Incident Responder.

What kind of experience is required for this role?

A candidate should have 5-7 years of experience in information security or closely related roles, with direct experience in security incident response.

Is familiarity with the Salesforce Platform necessary?

Yes, a deep understanding of the Salesforce Platform is required for this role.

What kind of responsibilities will the Lead Incident Responder have?

Responsibilities include conducting technical investigations for high severity incidents, performing network forensics and log analysis, leading complex investigations, coordinating with technical stakeholders, and creating detailed incident documentation.

Is experience with cloud services important for this role?

Yes, experience securing applications and infrastructure in Amazon Web Services, Google Cloud Platform, and/or Azure is desirable.

Will the Lead Incident Responder need to communicate with customers?

Yes, the position requires the ability to meet with customers and communicate complex technical concepts to a non-technical audience.

Are there any specific security incident response certifications required?

While not strictly required, relevant certifications such as SANS GCIA, SANS GCIH, SANS GCFA, SANS GNFA, or Offensive Security OSCP are desired.

What are the working hours for the Lead Incident Responder position?

The position is based in the APAC operations center, operating 5 days per week during weekdays, with on-call rotation covering weekends and public holidays during daytime hours.

Does Salesforce provide accommodations for applicants with disabilities?

Yes, Salesforce provides an inclusive recruitment process and offers accommodations for applicants with disabilities through an Accommodations Request Form.

What is Salesforce's stance on equality and diversity?

Salesforce is committed to creating a diverse workforce and driving equality in communities and workplaces, reflected through various programs and initiatives.

👋 We’re Salesforce, the Customer Company. AI + Data + CRM = Customer Magic. ✨

Industry: Technology
Employees: 10,001+

Mission & Purpose

Salesforce is a leading cloud-based software company that provides customer relationship management (CRM) solutions and a wide range of enterprise applications. Their platform enables businesses to manage customer interactions, sales processes, marketing campaigns, and service operations in a centralised and efficient manner. Salesforce's ultimate mission is to empower companies to connect with their customers, partners, and employees in meaningful ways, fostering stronger relationships and driving business growth. Their purpose is to revolutionise the way businesses operate by offering a comprehensive suite of cloud-based tools and applications that streamline processes, enhance collaboration, and enable organisations to make data-driven decisions. With a strong focus on innovation, customer success,