Information Security Principal (Environment Threat Assessment)

Salesforce

Remote Actively hiring
Remote, USA · San Francisco, CA · Posted 52 days ago · $197,300–$313,700 / year

At a glance

AI generated

TL;DR

As a Principal Threat Assessment Engineer on the Environmental Threat Assessment team at Salesforce, you will serve as a technical leader and subject matter expert, driving strategic vision for threat identification and mitigation across global infrastructure. Your daily tasks include conducting complex threat assessments, mentoring junior analysts, and scaling capabilities through automation. You will translate deep technical research into actionable requirements for Product & Enterprise Security partners and stakeholders, ensuring robust security measures are in place. Key responsibilities involve threat modeling for infrastructure and applications, utilizing threat intelligence to conduct research, assessing cloud security controls across AWS, GCP, and Azure, analyzing logs from various security tools, engaging executive stakeholders, and collaborating with Cyber Security operations teams. The role requires extensive experience in threat modeling, security architecture, and incident response, along with proficiency in frameworks like MITRE ATT&CK and STRIDE, and strong analytical and communication skills.

Skills

AWS, GCP, Azure, Cyber Kill Chain, Diamond Model, MITRE ATT&CK, STRIDE, Cloud Security, OWASP Top 10, Threat Modeling, Incident Response, Threat Intelligence, Log Analysis, Security Architecture, Tactical Threat Insights, Collaboration, Automation, AI Tooling

What you'll do

  • Conduct threat modeling for infrastructure and applications, considering real-world threats.
  • Analyze cloud security controls across AWS, GCP, and Azure to ensure robustness.
  • Identify gaps in security coverage by analyzing logs from various tools.
  • Translate technical assessments into actionable recommendations for stakeholders.
  • Mentor junior analysts and engineers to enhance team capabilities through automation.
  • Engage with executive stakeholders to shape business decisions based on threat insights.
  • Collaborate with cybersecurity teams to design alerting systems against realized threats.

What we're looking for

  • 12+ years of experience in threat modeling, security architecture, incident response, or threat intelligence.
  • Expertise in threat actor tactics and offensive strategies with strong research and analytical skills.
  • Proficiency in cloud security fundamentals and various threat modeling frameworks like MITRE ATT&CK.
  • Ability to analyze logs from multiple security tools and understand application security vulnerabilities.
  • Excellent communication skills for translating technical assessments into actionable recommendations.

Market check

Salary context

This $197,300–$313,700 range sits above 95% of similar postings on FindRole.

Peer median band

$119,200–$201,193

Median floor and ceiling across peers.

Typical midpoint (25–75%)

$142,037–$185,900

Middle half of comparable postings.

Based on 238 comparable postings.

* 240 is the maximum number of comparable postings sampled.

Employer

About Salesforce

Salesforce is the world's leading customer relationship management (CRM) platform, offering cloud-based software for sales, service, marketing, analytics, and application development.

Industry: Enterprise Software & Cloud Computing

Salesforce currently has 66 open roles on FindRole.

Listed pay typically runs $148,500–$260,100 across 59 roles with salary data.

More like this

Similar roles

Information Security Senior

Salesforce

Remote (Virginia - Washington Dc Metro - Remote, US) 23 days ago $172,500–$260,100
AWS Azure GCP FedRAMP20x DoD SRG CI/CD Agile Python R SQL Kubernetes Terraform Prometheus Grafana GitLab Jira Confluence AI Machine Learning
Remote

Information System Security Officer

Leidos

2683 Huntsville Al, US 38 days ago $87,100–$157,450
RMF DAAG NISPOM Windows Linux Active Directory Group Policy Delinea SPLUNK Trellix SolarWinds Tenable SCAP STIG Viewer NIST eMASS CISSP CISM CISA

Information System Security Officer

Booz Allen Hamilton

Locations Mclean, Virginia, US 39 days ago $62,000–$141,000
RMF GRC NIST FISMA CISSP CISSP-ISSAP CISSP-ISSEP DoD 8570 Vulnerability Scanning Tool Patch Management Incident Response Data Loss Prevention Risk Mitigation Security Controls Design

Information Systems Security Officer

Leidos

9615 Ashburn Va Non-Specific Customer Site, US 26 days ago $107,900–$195,050
NIST SP 800-37 DHS 4300A FISMA Risk Management Framework System Security Plans Contingency Plans Privacy Impact Assessment Security Test and Evaluation Configuration Management Change Management Vulnerability Scanning Patch Management NIST CBP DHS ISO 27001 ISC2 CAP CompTIA CASP+

Information Systems Security Officer

Booz Allen Hamilton

Locations San Diego, California, US 19 days ago $99,000–$225,000
NIST 800-53 RMF Risk Management Framework eMASS XACTA ACAS STIGs SCAP SAPF SCIF cloud architecture virtualization computer networking DoD STIGs configuration management CI/CD

Information Security Risk Specialist

Booz Allen Hamilton

Locations Fort Belvoir, Virginia, US 51 days ago $99,000–$225,000
AWS Azure RMF ACAS SCAP STIGs SRGs eMASS Xacta NIST SP 800-53 CNSSI 1253 DevSecOps CI/CD Kubernetes Rancher Red Hat Enterprise Linux 8 Windows Server 2012