Salesforce

Trust & Security Advisor

  • San Francisco (San Francisco County)
  • Sales

Job description

Background
As the adoption of Heroku for critical applications in the enterprise accelerates, so does the requirement for our prospects and customers to learn more about how we keep their data secure. The Trust & Security Advisor will be the interface between Heroku Security and our customers and prospects to ensure they are successful with their own internal compliance and vendor-management efforts related to Heroku.

Job functions
Heroku security and compliance expert for customers and prospects
• Manually respond to all customer security questionnaires with an eye towards maximum automation of the process
• Build customer trust by managing and hosting on-site customer security meetings at Heroku HQ and on-site with prospects/customers
• Be the Heroku field expert for the Heroku trust story covering security, architecture, reliability, performance, privacy and compliance.
• Interface with Heroku Security to ensure all the latest security features and capabilities are properly represented in customer responses
• Collaborate with the Salesforce core legal team on customer-specific contract requirements

Owner of the (to-be-built) security RFI system
• Scope and oversee construction of a system for responding to security questionnaires
○ Custom, or preferably added to the existing Salesforce RFI system
○ Full text search and suggestion of appropriate answer(s) for questionnaires
• Keep that system updated with the latest security RFI answers
• Once the security RFI system is GA, Heroku field teams will own the first pass at questions from their customers and prospects. You own quality review and any gaps.

Interface to Heroku Security (engineering and product management)
• Ensure that HQ is aware of gaps in our security/compliance capabilities that are impacting customers and prospects
• Ensure Heroku and Salesforce field sales are consistently enabled with the latest and best positioning around Heroku security and compliance
• Gather customer security/compliance requests, and liaise with Heroku product managers and Marketing to maintain a security product roadmap
• Author and maintain security and compliance-related documentation: white papers, standard questionnaires (e.g. SIG, CAIQ), security best practices, etc.

Desired skills and experience
1. Familiarity with one or more security control frameworks: NIST, PCI, ISO, SOC, CSA, etc.
2. Managed one or more compliance certifications/audits, either as an auditor or responder (FedRAMP, PCI, ISO, SOC, HIPAA, etc.)
3. Experience with completing customer security/compliance questionnaires
4. Experience interpreting the intent of specific customer questions, and mapping them to industry standard controls
5. Familiarity with AWS security practices and compliance documentation
