Salesforce Security Architect / Engineering Lead (Shield, SIEM, OAuth, AI Security)
We are seeking a Salesforce Security Engineering Lead / Architect to drive enterprise-wide security initiatives across multiple business units. This role will focus on security architecture, compliance, threat monitoring, and vulnerability remediation within a large-scale Salesforce ecosystem. You will work closely with cybersecurity teams, architects, and business stakeholders to design and enforce secure, scalable solutions across data access, authentication, integrations, and applications. Requirements Lead enterprise-wide Salesforce security hardening across multiple business units Own, maintain, and iterate TMNA's Salesforce security hardening guidelines, checklists, and standards Command stakeholder relationships across cybersecurity teams and business units with technical authority and leadership presence Regularly audit and challenge application teams on security posture and adherence to standards Architect and implement Salesforce security controls across data access, authentication/authorization, application security, and API/integration layers covering field-level security, encryption, sharing rules, permission sets, OAuth flows, SAML, API security, and Apex security patterns 5+ years hands-on Salesforce experience with deep platform security architecture knowledge Expert knowledge of Salesforce Shield, Event Monitoring, Security Health Check, and Security Center Proven experience with Apex security patterns, SOQL injection prevention, and secure coding practices Lead rapid vulnerability remediation through war room coordination and cross-functional team leadership Design SIEM integration strategies with Microsoft Sentinel for real-time Salesforce Event Monitoring and automated threat response Implement controls for Data Loader abuse prevention, bulk data extraction monitoring, and social engineering attack mitigation Lead security POC evaluations and vendor coordination for Security Center, Varonis, and emerging platforms Proven track record leading technical initiatives across multiple teams and business units Solid understanding of cloud engineering principles (AWS/Azure/GCP), distributed systems architecture, and API security Advanced scripting capabilities in Python, Bash, or similar languages for security automation Exceptional ability to articulate complex security concepts to C-level executives and technical teams Plus Prior Salesforce security hardening experience at enterprise scale Understanding of LLM security risks and ability to write security guidelines for agentic AI workflows in Salesforce (Einstein AI, Copilot, autonomous agents) Stay current on Salesforce agentic AI landscape including Einstein Trust Layer and Agent force security features Experience with Microsoft Sentinel SIEM and Salesforce Event Monitoring integration Salesforce Certified Technical Architect, Security Architect, or Platform Developer II certification Background in automotive, manufacturing, or highly regulated industries CISSP, CEH, OSCP, or equivalent security certifications Experience with CI/CD security, security automation, and infrastructure as code