Salesforce and Risk Management Expert (f/m/d)

Siemens is seeking a Salesforce SME with deep Cyber Security and Risk Management experience to support secure design, implementation, maintenance and governance of Salesforce CRM solutions across global business units. The role will ensure compliance with enterprise security policies, regulatory requirements, and industry best practices while enabling digital transformation initiatives. The candidate will be part of the Digital Sales Platform team and work closely with Central Cyber Security and Data Protection teams, Legal, Procurement and Business stakeholders.

What We Offer You

• An attractive remuneration package
• Access to Siemens share plans
• 30 days of paid vacation and a variety of flexible work schedules that allow time off for you and your family
• Flexible training opportunities for both your professional and personal development that you can tailor to your interests

Responsibilities

• Lead cyber security and risk management activities for global Salesforce CRM implementations, ensuring secure design, deployment, and operations across the full lifecycle.
• Conduct comprehensive risk assessments, threat modeling, and vulnerability analyses for Salesforce ecosystems (including integrations and third‑party applications).
• Define and enforce secure architecture principles for Salesforce, including identity & access management (IAM), API security, encryption, and data protection controls.
• Partner with architecture, DevOps, legal, and enterprise security teams to ensure secure integrations, CI/CD practices, and compliance‑by‑design.
• Ensure adherence to internal security standards and external regulatory frameworks (e.g., GDPR, ISO 27001), including coordination of audits and remediation activities.
• Act as a key interface to stakeholders across cyber security, data protection, legal, procurement, and business units, balancing risk mitigation with business enablement.
• Monitor security events, support incident response processes, and contribute to continuous improvement of security posture across CRM platforms.
• Maintain governance artifacts such as risk registers, audit documentation, and security policies.

Qualifications

• Master’s degree in Computer Science, Information Security, or a related field.
• Extensive professional experience (typically 5–10+ years) in Cyber Security and/or IT Risk Management, with a strong focus on enterprise environments.
• Proven hands‑on experience securing Salesforce CRM implementations, ideally within European and German regulatory contexts.
• Strong expertise in security domains such as IAM, SSO, MFA, RBAC, encryption, API security, and cloud security (e.g., AWS, Azure, Salesforce ecosystem).
• Solid understanding of secure software development lifecycle (SDLC) and DevSecOps practices.
• In‑depth knowledge of regulatory and compliance frameworks, particularly GDPR and German labor‑related regulations (e.g., Works Constitution Act – BetrVG).
• Strong stakeholder management and communication skills in complex, cross‑functional environments.
• Fluent in German and English (both written and spoken).
• Relevant certifications (e.g., CISSP, CISM, CRISC, ISO 27001, Salesforce certifications) are considered a strong plus.

As an equal opportunity employer, we welcome applications from individuals of all backgrounds and particularly encourage applications from persons with disabilities.