Security Engineer

Job Description:

The State of California is seeking a Certified Security Engineer with deep expertise in Salesforce platform security and enterprise-level compliance. The ideal candidate will be responsible for assessing, implementing, and monitoring security solutions across Salesforce applications and ensuring alignment with state and federal compliance frameworks, including ISO 27001, PCI-DSS, SOC 2, and GDPR.

Key Responsibilities:

• Lead and support security architecture and governance initiatives within Salesforce environments.
• Ensure compliance with State of California information security policies and regulatory frameworks (ISO 27001, PCI-DSS, SOC, GDPR).
• Conduct vulnerability assessments and remediation using tools such as Qualys, Nessus, and Burp Suite.
• Enforce and monitor security protocols involving Single Sign-On (SSO), Security Assertion Markup Language (SAML), OAuth, and secure API integrations.
• Work closely with DevOps, engineering, and compliance teams to identify security risks in Salesforce-based systems.
• Monitor threat landscapes and perform incident response activities when needed.
• Collaborate on the development of secure coding standards based on OWASP Top 10 and ensure the development of best practices.
• Provide security training and guidance to cross-functional teams.

Required Qualifications:

• 4+ years of experience in information security engineering with a focus on enterprise-level compliance.
• 2+ years of hands-on experience in Salesforce application security.
• 2+ years of experience with vulnerability management tools (e.g., Qualys, Nessus, Burp Suite).
• Strong knowledge of authentication and authorisation frameworks: SSO, SAML, OAuth (4+ years).
• Experience with secure communication protocols: SSL, TLS.
• Familiarity with Identity and Access Management (IDAM) and PKI-based solutions.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Job Description:

The State of California is seeking a Certified Security Engineer with deep expertise in Salesforce platform security and enterprise-level compliance. The ideal candidate will be responsible for assessing, implementing, and monitoring security solutions across Salesforce applications and ensuring alignment with state and federal compliance frameworks, including ISO 27001, PCI-DSS, SOC 2, and GDPR.

Key Responsibilities:

• Lead and support security architecture and governance initiatives within Salesforce environments.
• Ensure compliance with State of California information security policies and regulatory frameworks (ISO 27001, PCI-DSS, SOC, GDPR).
• Conduct vulnerability assessments and remediation using tools such as Qualys, Nessus, and Burp Suite.
• Enforce and monitor security protocols involving Single Sign-On (SSO), Security Assertion Markup Language (SAML), OAuth, and secure API integrations.
• Work closely with DevOps, engineering, and compliance teams to identify security risks in Salesforce-based systems.
• Monitor threat landscapes and perform incident response activities when needed.
• Collaborate on the development of secure coding standards based on OWASP Top 10 and ensure the development of best practices.
• Provide security training and guidance to cross-functional teams.

Required Qualifications:

• 4+ years of experience in information security engineering with a focus on enterprise-level compliance.
• 2+ years of hands-on experience in Salesforce application security.
• 2+ years of experience with vulnerability management tools (e.g., Qualys, Nessus, Burp Suite).
• Strong knowledge of authentication and authorisation frameworks: SSO, SAML, OAuth (4+ years).
• Experience with secure communication protocols: SSL, TLS.
• Familiarity with Identity and Access Management (IDAM) and PKI-based solutions.

Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.