22 oct
Salesforce
La Florida
**Job Category **:Products and Technology
**Job Details**:
**We are looking for the best security engineers in the world.**
Do you want to help secure the experience of millions of people every day? If so Salesforce is looking for people like you!
Security Assurance works to ensure no significant security risk escapes into customer-facing products, the supporting infrastructure, or our enterprise technology stack by proactively scaling security practices at all stages of the engineering and development lifecycle.
We are hiring for mid, senior, lead, and principal level security engineers on our Security Assurance team.
**General Security Responsibilities**
- Partner with engineering teams; performing threat modeling / data flow diagramming / architecture risk analysis, identifying security flaws, and driving work items and bugs from these activities to resolution
**Infrastructure Security Responsibilities**:
- Ability to secure large, sophisticated enterprise architectures or systems deployed in public cloud
- Brainstorm with counterparts in the product teams to drive security improvements upstream. Identify the trade-offs of different solutions and recommend the optimal design to achieve both functional goals and security requirements
- Perform penetration testing, infrastructure/vulnerability assessments, and remediation activities. Work with Infrastructure engineering teams throughout the SDLC to ensure their efforts are secure
**Application Security Responsibilities**:
- Perform _black-box penetration testing and code reviews _of our flagship services and product offerings
- Develop new automation and tooling to improve our detection and prevention capabilities
- Perform innovative applied research on new attacks and present new findings to both internal and external audiences
- Develop secure code practices and provide hands-on training to engineering and operations
**Locations**:_Open to US-Remote _
**Minimum Qualifications for all roles**:
- 3+ Years of experience
- An attacker's mindset
- Demonstrated ability in a security engineering or security research role
- Infrastructure and Application Security experience
- Securing products and infrastructure from the OWASP Top 10 and CWE Top 25
- Exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, etc.
- Public Cloud: Amazon Web Services,
Google Cloud Platform, Microsoft Azure, Alibaba Cloud, etc.
- Experience in software development in one or more languages: Java, Perl, Python, Ruby, etc.
- Degree-level education (Bachelors, Masters, certification(s), and/or relevant work experience)
- For Colorado-based roles: Minimum annual salary of $104,600. You may also be offered a bonus, restricted stock units, and benefits._ _
LI-Y
**Accommodations**:
**Posting Statement**:
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay,
employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
▶️ Security Engineering - Security Assurance Team
🖊️ Salesforce
📍 La Florida