Enterprise Security Engineer
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
Are you a security professional passionate about translating technical risks into balanced guidance for a diverse workforce? Are you inspired by innovating pragmatic solutions for security challenges across a broad range of enterprise infrastructure platforms and products? Do you get excited about enabling an effective security program at scale?
Enterprise Security Assurance secures our enterprise environment that serves our rapidly expanding workforce. In this role, you will partner closely with technology and business partners to understand their objectives, identify threats, and scale our enterprise security programs. You will collaborate with our Business and IT organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will also have the opportunity to identify emerging threats and design new processes that balance security and business agility across Salesforce.
At Salesforce Trust is our #1 value. We are looking for a team player who can contribute and grow alongside an established and experienced team of technical security professionals. Are you interested in becoming part of an innovative, business-centric security team that focuses on preventing and remediating risk to the organization?
- Perform full stack security assessments of a diverse and complex range of environments including:
- Operating system and hardware platforms (server and client endpoints, mobile and other embedded devices)
- Network infrastructure (switches, routers, wireless access points, load balancers, firewalls, VPN, SDN, cloud)
- Authentication and authorization services (SAML, OAuth, Radius, Kerberos)
- Public cloud infrastructure platforms and technologies (AWS, GCP, Azure, Terraform)
- Securing Web Applications, SaaS pentesting
- Code Reviews and SDLC
- Security Architecture Design Reviews
- Threat model common attacker methods to develop appropriate mitigation techniques.
- Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle.
- Define and develop technical security standards and guidelines with business stakeholders.
- Research new technologies, emerging threats, and vulnerabilities.
- 3+ years experience in one of the following security roles: security operations, security engineering, incident response, penetration testing, intrusion detection, network security, application security, identity management, cryptography, or endpoint security controls (Experience varies by role level)
- Understanding of major areas pertaining to security:
- Common network security models and protocols.
- Methods of determining integrity and providing confidentiality.
- Operating systems internals and vulnerabilities.
- Exploit mitigation techniques.
- Application security.
- Excellent communication skills with experience providing advice to internal customers on risk assessment, threat modeling, and remediation of vulnerabilities.
- Ability to distill complex technical information verbally during situation reports and briefings.
- Proven project management and organizational skills.
- Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team.
- At least one security related certification such as OSCP, GCIH, GCIA, GPEN, GWAPT, GMOB, GPPA, CCNP, CCNP Security, CCIE Security
- Hands-on experience designing solutions or performing security testing of cloud environments (AWS, Azure, Google Cloud)
- Experience performing detailed network traffic analysis, architecture review, and engineering network security solutions
- Experience writing security white papers and/or presenting at industry security conferences and events.
- Strong working experience with common security assessment tools such as BurpSuite, Nexpose, Nessus, Metasploit, Nmap
- Strong understanding of encryption methods
Benefits & Perks
Check out our benefits site which explains our various benefits, including wellbeing reimbursement, generous parental leave, adoption assistance, fertility benefits, and more.
Check out our Salesforce Engineering Site.
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.