About the Role:

Grade Level (for internal use):

Job Title: Director Salesforce Compliance and Security

Job Description:

Position Overview:Join our dynamic Salesforce Team at S&P Global as the Director Salesforce Compliance and Security. In this role you will lead the strategic and operational oversight of security compliance and risk management for the enterprise Salesforce ecosystem. This role ensures the platform adheres to internal policies SOX requirements and industry standards while maintaining a robust security posture. The ideal candidate will be a hands-on leader with deep expertise in access governance cyber risk response audit coordination and disaster recovery planning.

Key Responsibilities:

Access Governance & Least Privilege Enforcement

• Design and implement permissioning frameworks that adhere to the principle of least privilege across all Salesforce environments.
• Oversee quarterly access certifications and entitlement reviews to maintain accurate and compliant role-based access.
• Collaborate with Identity and Access Management (IAM) teams to address access anomalies and enhance security controls as necessary.

SOX & Internal Audit Compliance

• Lead the comprehensive evidence gathering and control validation process for SOX audits related to Salesforce.
• Partner with internal audit teams and external assessors to provide timely and precise responses to control testing.
• Maintain and update critical control documentation including SOC1/SOC2 reports and Statements of Applicability.

Cyber Risk Management

• Spearhead the identification assessment and mitigation of cyber risks affecting the Salesforce platform.
• Coordinate with Third Party Risk Management (TPRM) and vendor teams to validate external controls and certifications (e.g. ISO 27001 NIST PCI-DSS).
• Monitor threat intelligence and vulnerability reports ensuring prompt remediation and escalation of issues.

Disaster Recovery & Business Continuity

• Develop maintain and test disaster recovery plans tailored for Salesforce environments including defining Recovery Time Objectives (RTO) and Recovery Point Objectives (RPO).
• Coordinate annual disaster recovery testing and ensure alignment with enterprise resilience frameworks and vendor Service Level Agreements (SLAs).
• Document and communicate disaster recovery procedures across internal teams and vendors.

Security Posture & Continuous Improvement

• Drive initiatives aimed at enhancing logical security endpoint protection and incident response capabilities across the platform.
• Implement centralized monitoring and alerting systems to track Salesforce activity.
• Champion security awareness and training programs for Salesforce users and administrators.

Qualifications:

• Bachelors degree in Information Security Computer Science or a related field; Masters degree preferred.
• A minimum of 10 years of experience in IT security compliance or risk management with at least 5 years in a leadership capacity.
• In-depth knowledge of Salesforce architecture permissioning models and Shield capabilities.
• Proven experience managing SOX audits and internal control frameworks.
• Relevant certifications such as CISSP CISA CISM or PMP are highly desirable.
• Exceptional communication and stakeholder management skills across both technical and business domains.

Preferred Experience:

• Familiarity with compliance workflow tools such as OpenPages and SailPoint.
• Experience with multi-tenant cloud environments and data segregation strategies.
• Prior leadership experience in disaster recovery planning and execution for SaaS platforms.

Right to work requirements: This role is limited for candidates with indefinite right to work within the USA.

Whats In It For You

Our Purpose:

Progress is not a self-starter. It requires a catalyst to be set in motion. Information imagination people technologythe right combination can unlock possibility and change the world.

Our world is in transition and getting more complex by the day. We push past expected observations and seek out new levels of understanding so that we can help companies governments and individuals make an impact on tomorrow. At S&P Global we transform data into Essential Intelligence pinpointing risks and opening possibilities. We Accelerate Progress.

Our People:

Were more than 35000 strong worldwideso were able to understand nuances while having a broad perspective. Our team is driven by curiosity and a shared belief that Essential Intelligence can help build a more prosperous future for us all.

From finding new ways to measure sustainability to analyzing energy transition across the supply chain to building workflow solutions that make it easy to tap into insight and apply it. We are changing the way people see things and empowering them to make an impact on the world we live in. Were committed to a more equitable future and to helping our customers find new sustainable ways of doing business. Were constantly seeking new solutions that have progress in mind. Join us and help create the critical insights that truly make a difference.

Our Values:

Integrity Discovery Partnership

At S&P Global we focus on Powering Global Markets. Throughout our history the worlds leading organizations have relied on us for the Essential Intelligence they need to make confident decisions about the road ahead. We start with a foundation of integrity in all we do bring a spirit of discovery to our work and collaborate in close partnership with each other and our customers to achieve shared goals.

Benefits:

We take care of you so you cantake care of business. We care about our people. Thats why we provide everything youand your careerneed to thrive at S&P Global.

Our benefits include:

• Health & Wellness: Health care coverage designed for the mind and body.

• Flexible Downtime: Generous time off helps keep you energized for your time on.

• Continuous Learning: Access a wealth of resources to grow your career and learn valuable new skills.

• Invest in Your Future: Secure your financial future through competitive pay retirement planning a continuing education program with a company-matched student loan contribution and financial wellness programs.

• Family Friendly Perks: Its not just about you. S&P Global has perks for your partners and little ones too with some best-in class benefits for families.

• Beyond the Basics: From retail discounts to referral incentive awardssmall perks can make a big difference.

For more information on benefits by country visit: Hiring and Opportunity at S&P Global:

At S&P Global we are committed to fostering a connected andengaged workplace where all individuals have access to opportunities based on their skills experience and contributions. Our hiring practices emphasize fairness transparency and merit ensuring that we attract and retain top talent. By valuing different perspectives and promoting a culture of respect and collaboration we drive innovation and power global markets.

Recruitment Fraud Alert:

If you receive an email from a domain or any other regionally based domains it is a scam and should be reported to. S&P Global never requires any candidate to pay money for job applications interviews offer letters pre-employment training or for equipment/delivery of equipment. Stay informed and protect yourself from recruitment fraud by reviewing our guidelines fraudulent domains and how to report suspicious activityhere.

Required Experience:

Director