Salesforce Administrator (Security & DevOps)

About The Position

Requirements

• Education: Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field.
• Experience: Minimum 8 years of Salesforce administration experience, with at least 3 years focused on Salesforce DevOps, CI/CD pipelines, and security administration.
• Certifications (Required): Salesforce Administrator; Salesforce Advanced Administrator.
• DevOps Proficiency: Hands-on experience with Salesforce DX (SFDX CLI), source-driven development, GitHub/GitHub Actions, scratch orgs, unlocked packages, and metadata API deployments.
• Security Expertise: Deep knowledge of Salesforce security model including profiles, permission sets, sharing rules, field-level security, session settings, MFA, and IP restrictions.
• Platform Knowledge: Strong understanding of Salesforce platform limits, governor limits, release management, and sandbox administration.
• Tools: Proficiency with Git/GitHub, VS Code with Salesforce Extensions, Salesforce Data Loader, JIRA, and OwnBackup or equivalent backup solutions.
• Compliance: Must be eligible for Public Trust (Tier 2 / MBI) security clearance. U.S. citizenship or permanent residency required.

Nice To Haves

• Salesforce Platform App Builder certification.
• Experience with FedRAMP compliance requirements in a Salesforce environment.
• Familiarity with Salesforce Public Sector Solutions (PSS) Grants Management platform.
• Experience supporting ATO packages and federal security assessments (NIST 800-53).
• Knowledge of Salesforce Shield (Event Monitoring, Platform Encryption) and Field Audit Trail.
• Prior experience on federal government Salesforce contracts (DOC, DOT, or similar agencies).
• Experience with Copado, Gearset, or other Salesforce-native DevOps platforms.
• Section 508/WCAG 2.1 AA compliance awareness for platform configurations.
• SAFe or Scrum team experience in a multi-team delivery environment.

Responsibilities

• Salesforce DevOps & CI/CD: Own and maintain the end-to-end Salesforce CI/CD pipeline using Salesforce DX (SFDX), GitHub Actions, and source-driven deployment workflows. Manage branching strategies, merge conflict resolution, and automated deployment scripts across sandbox tiers (Dev, QA, UAT, Staging, Production).
• Environment & Sandbox Management: Administer and maintain Salesforce sandbox environments including full, partial, and developer sandboxes. Coordinate sandbox refresh schedules, seed data management, and environment parity across all five delivery teams.
• Security Configuration & Compliance: Implement and maintain Salesforce security configurations including profiles, permission sets, permission set groups, sharing rules, field-level security, session settings, MFA enforcement, and enhanced domain configurations. Ensure compliance with FedRAMP, NTIA/DOC security policies, and ATO requirements.
• Platform Release Management: Manage Salesforce's three annual platform releases (Spring, Summer, Winter). Review release notes for impacts, test customizations in preview sandboxes, identify deprecated APIs and governor limit changes, communicate maintenance windows, and validate post-upgrade functionality.
• Security Monitoring & ATO Support: Monitor trust.salesforce.com and Salesforce security bulletins. Support ATO package maintenance, coordinate security assessments and audits, and maintain security documentation. Implement security configuration changes (enhanced domains, session settings, API retirement) with sandbox testing before production deployment.
• OwnBackup Administration: Serve as primary administrator for the OwnBackup data protection suite. Configure backup policies, manage retention schedules, execute data restore operations when required, and maintain backup compliance documentation.
• Deployment Governance: Establish and enforce deployment governance standards including code review gates, minimum test coverage thresholds (85%+), deployment approval workflows, and rollback procedures. Maintain deployment logs and change management records for audit purposes.
• Technical Debt & Health Monitoring: Proactively identify and remediate technical debt including deprecated API usage, governor limit risks, unused custom fields/objects, and permission set sprawl. Monitor Salesforce Optimizer and Health Check scores, driving continuous improvement.
• Agile Participation: Participate in sprint planning, daily stand-ups, sprint reviews, and retrospectives within the SAFe Scrum of Scrums framework. Contribute an estimated 15 story points per sprint (240 annually).

Benefits

• Company-supported medical, dental, vision, life, STD, and LTD insurance
• Benefits include 11 federal holidays and PTO
• Eligible employees may receive performance-based incentives in recognition of individual and/or team achievements.
• 401(k) with company matching
• Flexible Spending Accounts for commuter, medical, and dependent care expenses
• Tuition Assistance
• Charitable Contribution matching