Salesforce · 15 hours ago
Business Information Security Officer (BISO)
Washington - Bellevue
Full-time
Onsite
Senior Level, Lead/Staff
$208K/yr - $286K/yr
10+ years expSalesforce is the #1 AI CRM, dedicated to securing customer data and managing risk. They are seeking two accomplished Business Information Security Officers to lead security accountability for critical areas of their infrastructure and platform, ensuring robust security measures are integrated throughout operations.
Agentic AIArtificial Intelligence (AI)Cloud ComputingCRMSaaSSales EnablementSoftware
Responsibilities
Partner with AiE leadership to prioritize security risks within the context of mission-critical availability
Be the 'Voice of Security' for operational teams where availability is intrinsically linked to security
Champion 'Security for Operations' mindset, ensuring incident response frameworks, observability pipelines, and change management processes are robust against both adversarial threats and operational errors
Integrate 'Security as Code' within CI/CD and release pipelines
Govern the use of AI in operations to automate security defenses and support operational resiliency
Partner with HPS leadership and architects to translate complex risks into engineering reality
Bring a 'platform' mindset, understanding that security controls at the platform and infrastructure layer deliver exponential scale and value to downstream cloud tenants
Bridge the gap between 'architectural risks' (multi-substrate security, cloud dependencies) and 'operational risks' (patch management, configuration drift)
Foster a culture where security is indistinguishable from quality
Ensure risk decisions are deeply informed by specific technical context, constraints, and capabilities of our systems
Partner with product and engineering leadership to collaboratively prioritize security initiatives, negotiate trade-offs, and ensure executive-level accountability for achieving security and business outcomes
Translate complex technical security signals into clear, compelling, and actionable executive and board-level business narratives
Deliver regular, metric-driven readouts on security risk posture, actively maintain the Security Risk Register, and lead security due diligence for remediation timelines
Foster a culture of shared security responsibility by integrating security and compliance requirements throughout the infrastructure lifecycle
Leverage generative AI technologies to reduce manual toil and enhance security risk management
Qualification
Required
Bachelor's degree in Information Security, Computer Science, Information Technology, or a related field (equivalent experience may be considered)
10+ years of professional experience in security risk management, with at least 5 years dedicated to security operational roles supporting major cloud platforms (AWS, GCP, or multi-cloud environments)
Exceptional executive presence, negotiation, and influence skills with ability to partner at VP+ level without direct authority
High risk acumen and extensive experience managing complex portfolios of security risks
Strong working knowledge of industry standards and regulations (NIST CSF, ISO 27001, SOC 2, NIST 800-160, ISO 27035, ITIL v4, DORA)
Proven ability to build strong partnerships across all security functions (CSOC, Product Security, GRC, Enterprise Security)
Strong understanding of CI/CD security, infrastructure-as-code, and zero-trust architecture principles
Experience acting as a key stakeholder during major security incidents, managing executive escalations, and driving post-incident remediation
Experience managing globally distributed teams across multiple time-zones with 24/7 on-call responsibilities
Strong grasp of availability metrics (SLAs, SLOs, error budgets) and ability to balance these with security error budgets
Foundational experience in SRE, DevOps, Big Data, or observability platforms
Experience with auto-remediation platforms and chaos engineering
Solid understanding of hyper-scale architectures (like Hyperforce), containerization (Kubernetes), microservices, and distributed systems
Experience building or leading vulnerability management programs with context-based prioritization (SSVC, EPSS)
Strong understanding of IAM lifecycle, governance, and architecture (Least Privilege, RBAC/ABAC, SSO, MFA)
Preferred
Demonstrated experience as a Business Information Security Officer (BISO) or equivalent security leadership role
Certifications such as CCSP, CISSP, CISM, AWS Certified Security Specialty, GCP Security Engineer, or CKS
Strong understanding of Secure SDLC, threat modeling, and integrating security checks (SAST/DAST) into development pipelines
Benefits
Time off programs
Medical
Dental
Vision
Mental health support
Paid parental leave
Life and disability insurance
401(k)
Employee stock purchasing program
Company
Salesforce
Salesforce is a cloud-based software company that provides customer relationship management software and applications.
10001+ employees
H1B Sponsorship
Salesforce has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (1883)
2024 (2296)
2023 (1850)
2022 (2849)
2021 (2124)
2020 (1960)
Funding
Current Stage
Public CompanyTotal Funding
$65.38MKey Investors
Starboard ValueEmergence CapitalHalsey Minor
2022-10-18Post Ipo Equity
2004-06-23IPO
2003-01-01Series Unknown· $1M
Leadership Team
Arundhati Bhattacharya
Chairman & Ceo Salesforce India
Marc Benioff
Chair & CEO
Recent News
2026-01-22
Benzinga.com
2026-01-21
Company data provided by crunchbase