Salesforce Security Officer (Cybersecurity)

TL;DR

Salesforce Security Officer (Cybersecurity): Designing and enforcing security controls across Salesforce GovCloud and AWS environments with an accent on governance, compliance (ATO), and DevSecOps integration. Focus on automating vulnerability management, implementing least-privilege access models, and aligning security with SAFe Agile delivery.

Location: Hybrid (Columbia, MD). Must be able to operate within the Eastern time zone.

Salary: $112,800 - $165,400

Company

A modern digital services company partnering with US Federal agencies to create secure, intuitive products and services that protect national interests.

What you will do

• Lead Salesforce security reviews for new features and govern access models using Profiles, Permission Sets, and Sharing Rules.
• Manage the end-to-end vulnerability lifecycle from detection to remediation using tools like Snyk, AppOmni, Tenable, and Splunk.
• Integrate automated security testing and controls into CI/CD pipelines via GitHub Actions, Jenkins, Copado, and Terraform.
• Lead Security Impact Analyses (SIAs) and maintain all Authorization to Operate (ATO) documentation, including SSPs and POA&Ms.
• Serve as the primary liaison for incident response and compliance reporting to government agency stakeholders.
• Operate as a Security Product Owner/Scrum Master within a SAFe Agile delivery framework.

Requirements

• Must pass U.S. Federal Government public trust clearance (requires US citizenship or specific residency/visa documentation).
• Bachelor's degree in CS/Engineering or 10 years of IT experience (with 8 years of specialized security experience).
• Deep practical knowledge of Salesforce security architecture and GovCloud environments.
• Experience implementing security controls in accordance with federal system security and privacy regulations.
• Hands-on scripting and automation skills using Python, Bash, or PowerShell.
• Excellent command of written and spoken English.

Nice to have

• Industry certifications such as CISSP, CISM, CRISC, or CEH.
• AWS Security Specialty or AWS Solutions Architect certifications.
• Salesforce certifications (Administrator, Security & Privacy, or Platform Developer).
• Strong working knowledge of DISA STIGs, NIST RMF, and FedRAMP requirements.

Culture & Benefits

• Hybrid work environment tailored to Eastern time zone operations.
• Highly competitive salaries.
• Full healthcare benefits.
• Opportunity to work on mission-critical federal government projects.