Skip to content

JobShark: Find the Right Job
 

San Francisco, CA Full Time Posted by: Salesforce.com, Inc. Posted: Sunday, 25 January 2026
 
 
Overview

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category: Product

Job Details

Job Title: Business Information Security Officer (BISO)

Locations: San Francisco, CA - Seattle, WA - Bellevue, WA

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn a buzzword - its a way of life. The world of work as we know it is changing and wem looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforces core values at the heart of it all.

Ready to level-up your career at the company leading workforce transformation in the agentic era? Youe in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

About the Team

Salesforce's Product Security team, a vital part of the broader Security organization, is dedicated to securing our customer data and assets while proactively managing risk and enhancing security posture. We thrive on deep collaboration with product and engineering teams to achieve optimal risk outcomes and maintain the trust our customers place in us.

Were seeking two highly accomplished BISOs to join our team, one supporting our Availability & Infrastructure Engineering (AiE) team and the other our Hyperforce Platform Services (HPS) team. You will be leading security accountability for critical areas of our infrastructure and platform. These roles require moving beyond traditional compliance to become co-owners of security outcomes.

BISO for Availability & Infrastructure Engineering (AiE)

As the BISO for AiE, you will assume accountability for the security risk posture of the teams that keep Salesforce running 24/7/365 - including Site Reliability Engineering (SRE), Big Data Observability, and Global Incident Response.

Your Mission
  • Partner with AiE leadership to prioritize security risks within the context of mission-critical availability
  • Be the "Voice of Security" for operational teams where availability is intrinsically linked to security
  • Champion "Security for Operations" mindset, ensuring incident response frameworks, observability pipelines, and change management processes are robust against both adversarial threats and operational errors
  • Integrate "Security as Code" within CI/CD and release pipelines
  • Govern the use of AI in operations to automate security defenses and support operational resiliency
BISO for Hyperforce Platform Services (HPS)

As the BISO for HPS, you will secure the foundation of our business-our "Hyperforce" architecture-operating as the "Voice of Security" Embedded with our most critical engineering teams.

Your Mission
  • Partner with HPS leadership and architects to translate complex risks into engineering reality
  • Bring a "platform" mindset, understanding that security controls at the platform and infrastructure layer deliver exponential scale and value to downstream cloud tenants
  • Bridge the gap between "architectural risks" (multi-substrate security, cloud dependencies) and "operational risks" (patch management, configuration drift)
  • Foster a culture where security is indistinguishable from quality
  • Ensure risk decisions are deeply informed by specific technical context, constraints, and capabilities of our systems
Your Impact - Core Responsibilities (Both Roles)
  • Security Accountability & Partnership: Partner with product and engineering leadership to collaboratively prioritize security initiatives, negotiate trade-offs, and ensure executive-level accountability for achieving security and business outcomes
  • Strategic Risk Communication: Translate complex technical security signals into clear, compelling, and actionable executive and board-level business narratives
  • Operational Risk Management: Deliver regular, metric-driven readouts on security risk posture, actively maintain the Security Risk Register, and lead security due diligence for remediation timelines
  • Secure-by-Design/Secure-in-Operations Culture: Foster a culture of shared security responsibility by integrating security and compliance requirements throughout the infrastructure lifecycle
  • AI-Driven Optimization: Leverage generative AI technologies to reduce manual toil and enhance security risk management
Minimum Requirements
  • Bachelors degree in Information Security, Computer Science, Information Technology, or a related field (equivalent experience may be considered)
  • 10+ years of professional experience in security risk management, with at least 5 years dedicated to security operational roles supporting major cloud platforms (AWS, GCP, or multi-cloud environments)
  • Exceptional executive presence, negotiation, and influence skills with ability to partner at VP+ level without direct authority
  • High risk acumen and extensive experience managing complex portfolios of security risks
  • Strong working knowledge of industry standards and regulations (NIST CSF, ISO 27001, SOC 2, NIST 800-160, ISO 27035, ITIL v4, DORA)
  • Proven ability to build strong partnerships across all security functions (CSOC, Product Security, GRC, Enterprise Security)
  • Strong understanding of CI/CD security, infrastructure-as-code, and zero-trust architecture principles
  • Experience acting as a key stakeholder during major security incidents, managing executive escalations, and driving post-incident remediation
Additional Requirements for AiE Team
  • Experience managing globally distributed teams across multiple time-zones with 24/7 on-call responsibilities
  • Strong grasp of availability metrics (SLAs, SLOs, error budgets) and ability to balance these with security error budgets
  • Foundational experience in SRE, DevOps, Big Data, or observability platforms
  • Experience with auto-remediation platforms and chaos engineering
Additional Requirements for HPS Team
  • Solid understanding of hyper-scale architectures (like Hyperforce), containerization (Kubernetes), microservices, and distributed systems
  • Experience building or leading vulnerability management programs with context-based prioritization (SSVC, EPSS)
  • Strong understanding of IAM lifecycle, governance, and architecture (Least Privilege, RBAC/ABAC, SSO, MFA)
Preferred Qualifications
  • Demonstrated experience as a Business Information Security Officer (BISO) or equivalent security leadership role
  • Certifications such as CCSP, CISSP, CISM, AWS Certified Security Specialty, GCP Security Engineer, or CKS
  • Strong understanding of Secure SDLC, threat modeling, and integrating security checks (SAST/DAST) into development pipelines

Unleash Your Potential

When you join Salesforce, you\'ll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best, and our AI agents accelerate your impact so you can do your best. Together, we\'ll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future - but to redefine whats possible - for yourself, for AI, and the world.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace thats inclusive, and free from discrimination.

Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, and promotion decisions at Salesforce, fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, assessment of job performance, discipline, termination, and everything in between.

In the United States, compensation offered will be determined by factors such as location, job level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, and benefits. Salesforce offers a variety of benefits to help you live well including: time off programs, medical, dental, vision, mental health support, paid parental leave, life and disability insurance, 401(k), and an employee stock purchasing program. More details about company benefits can be found at the following link: Salesforce Benefits.

San Francisco, CA, United States of America
Click apply
JS26489_25303_AA55E245195129862CB4908FC5DAD098
2026-01-25 11:12:31 AM
We strongly recommend that you should never provide your bank account details to an advertiser during the job application process. Should you receive a request of this nature please contact support giving the advertiser's name and job reference.