Salesforce Security Architect
Excelia · Spain
- Hybrid
- Full-time
- $150,000 / year
- Spain
Job highlights
- Define Salesforce security architecture and controls.
- Lead security initiatives and hardening efforts.
- Collaborate with teams on risk and remediation.
- Mentor team on security best practices.
- Remote role with Barcelona onsite option.
About the role
Salesforce Security Architect (Senior / Lead)
Location: Remote (with possibility of onsite in Barcelona)
Role Overview: Excelia is seeking a Salesforce Security Architect to serve as the technical authority for security within our Salesforce environments. This strategic and technical role involves defining security architecture, aligning controls with corporate standards, and leading the implementation of secure solutions in enterprise-scale, multi-org environments.
What You'll Do
- Define Salesforce security architecture, encompassing identity management, access control, encryption, event monitoring, and regulatory compliance.
- Guide the deployment of Salesforce Security Center, Shield, and associated tools, ensuring robust and consistent adoption.
- Translate corporate security policies and compliance requirements into applicable Salesforce configurations and controls.
- Lead hardening initiatives, focusing on permissions, profiles, integrations, Shield activation, API access control, and best configuration practices.
- Review and approve configurations and changes from a security and risk perspective.
- Collaborate with security analysts to monitor vulnerabilities, assess risks, and strengthen the security posture of various orgs.
- Define incident response procedures and participate in technical investigations as needed.
- Work with Salesforce, internal security teams, and operational units to design remediation plans and ensure uniform implementation.
- Mentor the internal team, promoting knowledge sharing and best practices.
Required Skills and Experience
- +6 years of experience in Salesforce, with a strong focus on security and architecture.
- Deep understanding of Salesforce security mechanisms: Profiles, Permission Sets, Role Hierarchy, API Security, Salesforce Shield (Event Monitoring, Platform Encryption, Transaction Security Policies).
- Experience in designing identity and access integrations (SSO, OAuth, SAML, Azure AD, SCIM).
- Solid knowledge of data protection, encryption, and audit requirements.
- Experience in enterprise multi-org environments.
- Excellent communication, stakeholder management, and technical documentation skills.
Valuable Experience (Nice-to-have)
- Salesforce Certifications (highly valued): Salesforce CTA, Application Architect, or System Architect, Security & Identity Specialist.
- Experience leading architecture or security initiatives in large organizations.
- Background in cloud security platforms or SIEM tools.
If you are passionate about enterprise security, architectural design, and high-impact technical challenges, we want to hear from you!
Key skills/competency
- Salesforce Security Architecture
- Identity Management
- Access Control
- Salesforce Shield
- Compliance
- Risk Assessment
- Vulnerability Management
- API Security
- SSO/OAuth/SAML
- Data Protection
Skills & topics
- Salesforce Security Architect
- Salesforce
- Security Architecture
- Identity Management
- Access Control
- Salesforce Shield
- Compliance
- Risk Management
- API Security
- SSO
- Remote
- Barcelona
- Enterprise Security
- Cloud Security
How to get hired
- Tailor your resume: Highlight your 6+ years of Salesforce security architecture experience and specific skills like Shield, API security, and identity integrations.
- Showcase expertise: Emphasize your experience with enterprise multi-org environments and translating corporate policies into Salesforce controls.
- Prepare for technical questions: Be ready to discuss Salesforce security mechanisms, encryption, and incident response procedures.
- Demonstrate communication skills: Prepare examples of how you've managed stakeholders and documented technical solutions.
Technical preparation
Master Salesforce security features: Profiles, Permission Sets, Shield.,Deep dive into identity integration protocols like SAML, OAuth.,Practice designing multi-org security architectures.,Review Salesforce Shield capabilities thoroughly.
Behavioral questions
Describe a complex security challenge you solved.,How do you translate policy into technical controls?,How do you handle stakeholder disagreements on security?,How would you mentor a junior security team member?
Frequently asked questions
- What is the primary focus of the Salesforce Security Architect role at Excelia?
- The primary focus of this Salesforce Security Architect role at Excelia is to act as the technical authority for security within Salesforce environments. This includes defining security architecture, implementing secure solutions in multi-org settings, and ensuring alignment with corporate security standards and compliance requirements.
- Is this Salesforce Security Architect position remote or on-site?
- This Salesforce Security Architect position is primarily remote, with the possibility of on-site work in Barcelona. This offers flexibility while maintaining opportunities for in-person collaboration.
- What specific Salesforce security knowledge is required for this role?
- This role requires deep knowledge of Salesforce security mechanisms, including Profiles, Permission Sets, Role Hierarchy, API Security, and Salesforce Shield (Event Monitoring, Platform Encryption, Transaction Security Policies). Experience with identity and access integrations like SSO, OAuth, SAML, Azure AD, and SCIM is also crucial.
- What kind of experience is needed to be considered for the Salesforce Security Architect job?
- To be considered for this Salesforce Security Architect job, you need over 6 years of Salesforce experience with a strong emphasis on security and architecture. Experience in enterprise multi-org environments and strong communication and stakeholder management skills are also essential.
- Are Salesforce certifications mandatory for the Salesforce Security Architect position?
- While not strictly mandatory, Salesforce certifications such as CTA, Application Architect, System Architect, or Security & Identity Specialist are highly valued for this Salesforce Security Architect position and will significantly strengthen your application.
- What are the responsibilities of a Salesforce Security Architect at Excelia regarding compliance?
- The Salesforce Security Architect at Excelia will be responsible for translating corporate security policies and compliance requirements into concrete Salesforce configurations and controls. This includes ensuring data protection, encryption, and meeting audit requirements within the Salesforce platform.
- How does this role contribute to Excelia's overall security posture?
- This Salesforce Security Architect role is critical to Excelia's security posture by defining and implementing robust security architectures, leading hardening initiatives, collaborating with security analysts on vulnerability management, and mentoring the team on best practices.