Salesforce.com, Inc Security Engineering - Cloud Infrastructure, Product and Enterprise teams - ALL LEVELS in Helena, Montana
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Products and Technology
We are looking for the best security engineers in the world.
We are hiring for mid, senior, lead, and principal level security engineers on our Enterprise Security, Product Security and Infrastructure Security teams
New grads are encouraged to apply to our Futureforce opportunities.
Security Assurance ensures that no significant security risks escape into customer-facing products , the supporting infrastructure , or our enterprise technology stack by proactively scaling security practices at all stages of a project's lifecycle.
Security Assurance functions include design assessments, implementation, vendor and security reviews, as well as our Secure Development Lifecycle, bug bounty, and penetration testing programs including the Offensive Security Team.
The Infrastructure Security Assurance team focuses on everything running in production and R&D from the app layer down.
Ability to securing large complex enterprise architectures or systems deployed in public cloud
Demonstrated ability and experience performing threat modeling / data flow diagramming / architecture risk analysis, identifying bugs and flaws and driving work items from these activities to resolution
Demonstrated ability to work with engineers to identify the trade-offs of different solutions and recommend the ideal design to meet security requirements
Penetration testing, infrastructure, secure software development lifecycle, vulnerability assessments and remediation. Work with Infrastructure engineering teams throughout the SSDL to ensure their efforts are secure.
Our Product Security team ensures the security of our products and serves as subject matter experts for our R&D teams and AppExchange partners to protect our customers’ data in today’s rapidly evolving threat landscape. We are a team of curious minds that specialize in security research, penetration testing, and innovative tool development. We evaluate a broad range of technologies including complex web applications, distributed processing, virtualized environments and isolation of untrusted code.
Perform black-box penetration testing and code reviews of our flagship services, product offerings and partners apps.
Guide the technology organization's security and privacy initiatives by participating in design reviews and threat modeling.
Participate in our incident response and vulnerability remediation efforts.
Perform cutting-edge applied research on new attacks and present new findings to both internal and external audiences.
Evaluate application security tools for internal consumption. Develop new automation and tooling to improve our detection and prevention capabilities.
Develop secure code practices and provide hands-on training to developers and quality engineers.
The Enterprise Security AppSec team is responsible for internal applications and 3rd parties across the company. We do black box testing, code reviews, automation, threat modeling and research to reduce risk to Salesforce and scale with the growth of the company. Innovation is key, we are constantly questioning our processes to improve their efficacy or make them more efficient. Work life balance, career growth, diversity and personal responsibility are all key values of our team.
Perform security assessments of a diverse and complex range of environments including operating system and hardware platforms, network infrastructure, authentication and authorization services, public cloud infrastructure.
Threat model common attacker methods to develop appropriate mitigation techniques.
Collaborate with infrastructure engineering teams and business partners to drive solutions through a secure development lifecycle.
Define and develop technical security standards and guidelines with business stakeholders.
Research new technologies, emerging threats and vulnerabilities.
Locations: US REMOTE
Minimum Qualifications for all roles:
BS/MS degree, or relevant work experience
5+ years exp in Security Engineering
Cloud experience, AWS
Infrastructure and application security experience
Expert knowledge in computer and cloud Infra security
Extensive knowledge of the OWASP Top 10 and CWE Top 25
Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.
Experience in software development, Java, PHP, Perl, Python, Ruby, or other relevant languages
BS Computer Science or equivalent knowledge and experience
A hacker's mindset
For Colorado-based roles: Minimum annual salary of $104,600. You may also be offered a bonus, restricted stock units, and benefits. More details about our company benefits can be found at the following link: https://www.getsalesforcebenefits.com/
Statement from Salesforce
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole team made up of our employees, customers, partners, and communities, we are working to improve the state of the world!
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form (https://careers.mail.salesforce.com/accommodations-request-form) .
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com (http://salesfore.com/) or Salesforce.org .
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
As a federal contractor, Salesforce is required to verify that all US-based employees are fully vaccinated against COVID-19. If you receive an offer and are unable to get vaccinated for religious or medical reasons, you may request a reasonable accommodation.
Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.
Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.
There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.
We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.