Salesforce Security Architect

Salesforce Security Architect (Senior / Lead)

Location: Remote (with possibility of onsite in Barcelona)

Role Overview: Excelia is seeking a Salesforce Security Architect to serve as the technical authority for security within our Salesforce environments. This strategic and technical role involves defining security architecture, aligning controls with corporate standards, and leading the implementation of secure solutions in enterprise-scale, multi-org environments.

What You'll Do

• Define Salesforce security architecture, encompassing identity management, access control, encryption, event monitoring, and regulatory compliance.
• Guide the deployment of Salesforce Security Center, Shield, and associated tools, ensuring robust and consistent adoption.
• Translate corporate security policies and compliance requirements into applicable Salesforce configurations and controls.
• Lead hardening initiatives, focusing on permissions, profiles, integrations, Shield activation, API access control, and best configuration practices.
• Review and approve configurations and changes from a security and risk perspective.
• Collaborate with security analysts to monitor vulnerabilities, assess risks, and strengthen the security posture of various orgs.
• Define incident response procedures and participate in technical investigations as needed.
• Work with Salesforce, internal security teams, and operational units to design remediation plans and ensure uniform implementation.
• Mentor the internal team, promoting knowledge sharing and best practices.

Required Skills and Experience

• +6 years of experience in Salesforce, with a strong focus on security and architecture.
• Deep understanding of Salesforce security mechanisms: Profiles, Permission Sets, Role Hierarchy, API Security, Salesforce Shield (Event Monitoring, Platform Encryption, Transaction Security Policies).
• Experience in designing identity and access integrations (SSO, OAuth, SAML, Azure AD, SCIM).
• Solid knowledge of data protection, encryption, and audit requirements.
• Experience in enterprise multi-org environments.
• Excellent communication, stakeholder management, and technical documentation skills.

Valuable Experience (Nice-to-have)

• Salesforce Certifications (highly valued): Salesforce CTA, Application Architect, or System Architect, Security & Identity Specialist.
• Experience leading architecture or security initiatives in large organizations.
• Background in cloud security platforms or SIEM tools.

If you are passionate about enterprise security, architectural design, and high-impact technical challenges, we want to hear from you!

Key skills/competency

• Salesforce Security Architecture
• Identity Management
• Access Control
• Salesforce Shield
• Compliance
• Risk Assessment
• Vulnerability Management
• API Security
• SSO/OAuth/SAML
• Data Protection