Security Engineer vacancy at Salesforce

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole team made up of our employees, customers, partners, and communities, we are working to improve the state of the world!

General overview of the role

We are looking for the best security engineers in the world. If you fit that profile, we will work with you to ensure that your job title/level is aligned to your skill set. We are hiring for mid, senior, lead, and principal level security engineers.

Responsibilities

Specific Openings:

Application Security Engineer:

The Enterprise Security AppSec team is responsible for internal applications and 3rd parties across the company. We do black box testing, code reviews, automation, threat modeling and research to reduce risk to Salesforce and scale with the growth of the company. Innovation is key, we are constantly questioning our processes to improve their efficacy or make them more efficient. Work life balance, career growth, diversity and personal responsibility are all key values of our team.

San Francisco (CA)
Infrastructure Security Engineer:

Penetration testing, networks, infrastructure, secure software development lifecycle, vulnerability assessments and remediation. Work with Infrastructure engineering teams throughout the SSDL to ensure their efforts are secure.

San Francisco (CA), Bellevue (WA), Herndon (VA), Burlington (MA)
Product Security Engineer:

Penetration testing, applications, products, secure software development lifecycle, vulnerability assessments and remediation. Work with Product engineering teams throughout the SSDL to ensure their efforts are secure. (All levels)

Burlington (MA), San Francisco (CA), Bellevue (WA), Indianapolis (IN)
Remote work is available for Senior, Lead and Principal Level talent with exceptional skills

Requirements

BS/MS degree, or relevant work experience

Infrastructure and/or application security experience

Expert knowledge in computer and network security

Extensive knowledge of the OWASP Top 10 and CWE Top 25

Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.

Experience in software development, Java, PHP, Perl, Python, Ruby, or other relevant languages

BS Computer Science or equivalent knowledge and experience

A hacker's mindset