Security Engineer vacancy at Salesforce
Negotiable salary
Salesforce
General overview of the role
We are looking for the best security engineers in the world. If you fit that profile, we will work with you to ensure that your job title/level is aligned to your skill set. We are hiring for mid, senior, lead, and principal level security engineers.
Responsibilities
Specific Openings:
Application Security Engineer:
The Enterprise Security AppSec team is responsible for internal applications and 3rd parties across the company. We do black box testing, code reviews, automation, threat modeling and research to reduce risk to Salesforce and scale with the growth of the company. Innovation is key, we are constantly questioning our processes to improve their efficacy or make them more efficient. Work life balance, career growth, diversity and personal responsibility are all key values of our team.
San Francisco (CA)
Infrastructure Security Engineer:
Penetration testing, networks, infrastructure, secure software development lifecycle, vulnerability assessments and remediation. Work with Infrastructure engineering teams throughout the SSDL to ensure their efforts are secure.
San Francisco (CA), Bellevue (WA), Herndon (VA), Burlington (MA)
Product Security Engineer:
Penetration testing, applications, products, secure software development lifecycle, vulnerability assessments and remediation. Work with Product engineering teams throughout the SSDL to ensure their efforts are secure. (All levels)
Burlington (MA), San Francisco (CA), Bellevue (WA), Indianapolis (IN)
Remote work is available for Senior, Lead and Principal Level talent with exceptional skills
Requirements
BS/MS degree, or relevant work experience
Infrastructure and/or application security experience
Expert knowledge in computer and network security
Extensive knowledge of the OWASP Top 10 and CWE Top 25
Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.
Experience in software development, Java, PHP, Perl, Python, Ruby, or other relevant languages
BS Computer Science or equivalent knowledge and experience
A hacker's mindset