DevSecOps Engineer - Salesforce, MuleSoft
Posted 3 days ago by 1751165041
Negotiable
Outside
Remote
USA
Summary: As a Platform Security Engineer specializing in Salesforce, the role focuses on securing the Salesforce and Mulesoft platforms by implementing best practices and ensuring compliance with data protection regulations. The engineer will proactively identify security risks, drive DevSecOps practices, and collaborate with various teams to embed security into development lifecycles. The position requires strong technical expertise in Salesforce architecture and cloud integrations, along with excellent communication skills to advocate for security measures across the organization.
Key Responsibilities:
- Secure the Salesforce & Mulesoft Platform by implementing best practices for security.
- Leverage Salesforce tools for security enforcement, including access control and vulnerability management.
- Provide guidelines on using AppExchange/Vendor products versus out-of-box capabilities.
- Proactively identify security risks and implement solutions to address vulnerabilities.
- Drive DevSecOps practices by embedding security into the development lifecycle of Salesforce applications.
- Collaborate with customer portfolio teams to ensure security is a foundational element in their strategies.
- Ensure compliance with data protection regulations and implement robust data security measures.
- Leverage knowledge of AWS to secure integrations between Salesforce, Mulesoft, and cloud services.
- Stay updated on emerging threats and continuously improve security posture.
- Act as a trusted advisor on security matters, communicating complex concepts effectively.
Key Skills:
- Bachelor's degree in computer science, Information Security, or a related field.
- 5+ years of experience in IT security, with at least 3 years in DevSecOps or Security Engineering roles.
- Strong experience with Salesforce architecture, development, and administration focused on platform security.
- Ability to integrate security practices into CI/CD pipelines for Salesforce applications.
- Hands-on experience with AWS services and securing cloud integrations.
- Proficiency in data protection techniques such as encryption and access controls.
- Excellent communication skills to articulate security concepts to diverse audiences.
- Proven ability to collaborate and influence cross-functional teams on security priorities.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Detailed Description From Employer:
As a Platform Security Engineer (Salesforce), you will:
- Secure the Salesforce & Mulesoft Platform: Implement best practices to ensure Salesforce applications are "secure by design" and "secure by default," protecting sensitive data and workflows.
- Experience leveraging Salesforce out of box tools for security enforcing capabilities including but not limited to access control, encryption, threat modeling, vulnerability management and applying industry best practices.
- Provide guidelines on usage of AppExchange / Vendor products versus using out of box capabilities with keen eye for cybersecurity risk.
- Risk Identification & Mitigation: Proactively identify security risks across the Salesforce ecosystem and implement solutions to address vulnerabilities.
- DevSecOps Enablement: Drive DevSecOps practices within the organization by embedding security into the development lifecycle of Salesforce applications. Secure Mulesoft integrations with applications.
- Collaboration with Stakeholders: Partner with various customer portfolio teams to influence their roadmaps, ensuring security is a foundational element in their strategies.
- Data Security & Compliance: Ensure compliance with data protection regulations and implement robust data security measures within Salesforce and integrated systems.
- Cloud Integration Expertise: Leverage your knowledge of AWS to secure integrations between Salesforce, Mulesoft, AWS and cloud-based services.
- Continuous Improvement: Stay up-to-date on emerging threats, trends, and technologies in application security to continuously improve our security posture.
- Communication & Advocacy: Act as a trusted advisor on security matters, effectively communicating complex technical concepts to both technical and non-technical stakeholders.
Qualifications:
- Bachelor's degree in computer science, Information Security, or a related field (or equivalent experience).
- 5+ years of experience in IT security, with at least 3 years focused on DevSecOps, DevOps or Security Engineering roles
- Strong experience with Salesforce architecture, development, and administration with a focus on platform security (e.g., profiles, roles, permissions, encryption).
- Demonstrated ability to integrate security practices into CI/CD pipelines for Salesforce applications.
- Hands-on experience with AWS services (e.g., IAM, S3, Lambda) and securing cloud integrations.
- Proficiency in data protection techniques such as encryption, tokenization, and access controls.
Soft Skills:
- Excellent Communication Skills: Ability to clearly articulate security concepts to diverse audiences, including engineers, product managers, and executives.
- Collaboration & Influence: Proven ability to work cross-functionally with teams to align on security priorities and influence roadmaps.