Senior Product Security Engineer
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
As a senior security engineer, you will play an important role in ensuring the security and integrity of our platforms and products, enabling robust security practices and establishing a secure by default solutions. You will focus on efforts to strengthen our infrastructure security guardrails (e.g. OPA, Checkov), create and maintain secure reference architectures (secure architectural patterns) leveraging your cloud security knowledge, and review developer productivity templates like Terraform code from IAC team to ensure they meet security requirements by default. The template review will include manual security review, automated assessment, as well as fixing of identified vulnerabilities and integration of security defaults as applicable. This role will also require collaborative engagement with cross-functional teams, as you play a pivotal role in seamlessly integrating security measures into the development process. Your contribution will be instrumental in strategically shifting security practices to an earlier stage, ensuring that security becomes an inherent part of our development culture.
- Bachelor's Degree or equivalent work experience required, preferred Degree in engineering, computer science, or a related technical field
- 4+ years experience in security field (Pen-Tester, Blue Team, Threat Modeling, Security Researcher, etc)
- Ability to write scripts and automating tasks, preferably in Python or Shell
- Good understanding of cloud security principles with hands-on experience in securing cloud-based applications or infrastructure
- Ability to work cross-functionally, context switch, learn fast, and communicate well
- Proficiency in data analysis to inform data-driven decision-making including decisions on false positives, false negatives, and true positives
- Demonstrate expertise in cloud security with an understanding of security best practices for at least one major cloud provider (e.g. AWS, GCP, Ali, Azure)
- Familiarity with modern infrastructure and application development using public cloud primitives (e.g. Kubernetes, serverless architecture and Infrastructure as Code tools like Pulnami, Terraform, Ansible, Chef, Puppet).
- Ability to translate from compliance and security requirements through product requirements and implement them in automation
- Knowledge of integrating security into DevOps practices, enabling the shift of security left in the development lifecycle
- Ability to conduct security assessments and certifications for software modules, add-ons, and systems, ensuring alignment with internal and industry standards
- Ability to design and implement secure reference architectures, integrating security controls into system designs
- Effective communication and collaboration skills to work seamlessly with cross-functional teams
- Ability to manage your own projects
- Passionate for improving security, systems, and processes
- CISSP, CEH, CompTIA Security certification or other security certifications related to Cloud Security (e.g. CCSP, Amazon Web Services (AWS) Solutions Architect - Associate certificate, Google Associate Cloud Engineer certificate)
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.For Washington-based roles, the base salary hiring range for this position is $138,000 to $208,800.For California-based roles, the base salary hiring range for this position is $151,800 to $227,700.Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.