Job Specifications
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Product
Job Details About Salesforce
We're Salesforce, the Customer Company, inspiring the future of business with AI + Data + CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. We empower you to be a Trailblazer, driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place! About Our Team
Enterprise Security secures our enterprise environment that serves our rapidly growing workforce! As a Senior Enterprise Security Engineer, you will partner closely with technology and business partners to understand their objectives, identify threats, and scale our enterprise security programs. You will collaborate with our Business and IT organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will also have the opportunity to identify emerging threats and design new processes that balance security and business agility across Salesforce! What You Will Be Doing
Perform full stack security assessments (such as architecture and design reviews, code reviews, and penetration tests) across a diverse and sophisticated range of environments including:
Web applications/SaaS applications
Operating system and hardware platforms (server and client endpoints, mobile and other Embedded devices)
Network infrastructure (switches, routers, wireless access points, load balancers, firewalls, VPN, SDN, cloud)
Authentication and authorization services (SAML, OAuth, Radius, Kerberos)
Public cloud infrastructure platforms and technologies (AWS, Google Cloud Platform, Azure, Terraform)
Middleware and API services
Threat model common attacker methods to develop appropriate mitigation techniques, providing guidance that balances security requirements with functional requirements.
Develop automated processes and support improvement of tooling to identify and solve problems at scale.
Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle.
Define and develop technical security standards and guidelines with business partners.
Research new technologies, emerging threats, and vulnerabilities for strategic planning and process improvements. What You Should Have
6+ years of experience in a security role with a focus on application and network security, security engineering, infrastructure engineering, incident response/handling, penetration testing, threat modeling, red or blue team operations, intrusion detection, firewall/access control technologies, risk management, identity management, Windows, Mac or Linux security, encryption technologies, or endpoint security controls.
Knowledge of key areas pertaining to security such as common network security models and protocols, methods of resolving integrity and providing confidentiality, operating systems internals and vulnerabilities, public key infrastructure and digital certificates, exploit mitigation techniques, and application security.
Strong experience performing security assessments with common tools such as BurpSuite, Nexpose, Nessus, Metasploit, and Nmap.
Experience performing manual and tool-assisted code reviews (Java, JavaScript, Python, and other languages).
Hands-on experience designing solutions or performing security testing of cloud environments (AWS, Azure, Google Cloud).
Excellent communication skills, with the ability to work as a team and collaborate effectively with diverse stakeholders. Bonus Points
Confirmed Scripting experience in one or more of these languages: Bash, PowerShell, Python, Java, JavaScript/NodeJS.
Experience with DevOps, CI/CD pipelines, or secure development lifecycles.
Security certification such as OSCP, OSEP, GCIH, GCIA, GPEN, GWAPT, GMOB, GPPA, CCNP, CCNP Security, CCIE Security.
Knowledge of development and security practices on the Salesforce platform, Heroku, Slack, Mulesoft, and/or Tableau.
Join us at Salesforce and be part of a team that is dedicated to making a positive impact on the world while advancing your career in a dynamic and innovative environment!
IN SCHOOL OR GRADUATED WITHIN THE LAST 12 MONTHS? PLEASE VISIT FUTURE FORCE FOR OPPORTUNITIES Unleash Your Potential
When you join Salesforce, you'll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best, and our AI agents accelerate your impact so you can do your best. Together, we'll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future - but to redefine what's