Massachusetts Veterans Jobs

MassHire JobQuest Logo

Job Information, Inc Security GRC Manager/ Senior Manager, Controls Assurance in Burlington, Massachusetts

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Products and Technology

Job Details

Salesforce Security, Governance, Risk, and Compliance (GRC) Team is responsible for enterprise wide GRC ensuring Salesforce leadership has the information needed to make strategic risk-based decisions enabling the achievement of Salesforce business objectives globally. Our team builds and deploys common governance, risk, and compliance processes, conducts audits, and helps ensure that technologies and business operations are structured and configured for data protection and compliance.

This individual will primarily support Internal Controls Testing (ICT) within the GRC Technology Advisory - Controls Assurance (CA) program. The goal of the ICT sub-program is to assess and report to leadership the control effectiveness for the highest revenue products across multiple certifications within Salesforce.


  • Lead the control testing and reporting program strategy to ensure continuous alignment with Risk Management, Compliance, and Governance (GRC) with a primary focus on SOX & SOC2.

  • Deliver accurate and actionable compliance guidance and direction to internal stakeholders.

  • Effectively communicate execution status, key accomplishments, and risks that impact Salesforce’s ability to achieve or maintain compliance accreditations or certifications to Salesforce leadership.

  • Build strong cross-functional relationships with business partners to facilitate the development of strong compliance programs that support continuous improvement and operational efficiency.

  • Partner and collaborate with cross-functional team members within SOX Compliance, Security GRC and external auditor teams to gather evidence in support of internal and external assessments and audits.

  • Develop and implement an effective ICT program that leverages an internal common control framework and other applicable standards, policies and regulations.

  • Closely monitor internal projects, audit results and emerging IT trends to determine relevance and impact to the ICT project.

  • Hands on review of SOX and other audit workpapers.


  • 10+ years experience in executing and organizing audits, certification programs and control assessments, including but not limited to the compliance control lifecycle (design, implementation and effectiveness), analyzing control processes and diagrams, scope planning, defining control procedures based on requirements, policies and standards, control testing, mapping issues to risks and socializing results.

  • Strong knowledge of and experience in security risk management and with control frameworks including related regulatory compliance requirements (e.g., SOC, SOX, HITRUST, HIPAA, FedRAMP, PCI) required (internal audits is a different department/posting) and applicable standards, policies and regulations

  • Strong knowledge of and experience in all facets of integrated security governance, risk, and compliance management

  • Strong understanding of infrastructure technology stacks.

  • Ability to assess the nature of controls and identify automation opportunities for increased monitoring and scaling coverage (e.g., RPA, data analytics)

  • Strong ability to operate autonomously, define, drive and execute a program vision, strategy, approach and milestones with minimal guidance and in alignment with organization priorities and initiatives

  • Strong ability to motivate people, instill accountability and drive results

  • Strong ability to assess the big picture, connect the dots and apply to program tasking

  • Strong ability to mature and optimize a program through capability maturity models (e.g., CMMI), innovation, standardization, metrics and reporting

  • Execution oriented, results-driven, and a self-motivator who is comfortable in a fast-paced, dynamic environment

  • Critical and analytical thinker, problem solver, decision maker, highly organized and detail oriented

  • Excellent interpersonal, relationship, collaboration, influencing, and negotiating skills with the leadership team to adopt new ideas, processes and gain commitment on initiatives.

  • Excellent presentation, facilitation, executive reporting and communication skills

  • Excellent program management skills, including but not limited to resourcing, capacity planning and budgeting

  • Knowledge of or experience working with Agile methodology and GRC tools (Metricstream, Archer, etc.)

  • Knowledge of or experience working with, Cloud technologies/environments, AWS or other related cloud experience is required.


  • Relevant BA/BS degree in Management Information Systems, Computer Science, or equivalent experience

  • Relevant Industry certifications (e.g., CRISC, CISSP, CCIE, CISM, CISA, CCSK)

  • Relevant AWS Certifications (e.g., AWS Cloud Practitioner)


If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form ( .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits. and are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. and do not accept unsolicited headhunter and agency resumes. and will not pay any third-party agency or company that does not have a signed agreement with ( or .

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.

Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.

There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.

We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.