Senior Security Assurance Engineer - Dallas, United States - Salesforce

Description

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category
Product

Job Details
About Salesforce
We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM.

Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way.

And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world.

If you believe in business as the greatest platform for change and in companies doing well and doing good – you've come to the right place.

We are looking for the best security engineers in the world.
Do you want to help secure the experience of millions of people every day? If the answer is yes then Salesforce is looking for people like you
We are hiring for a Senior Security Assurance Engineer on our Security Assurance team.

Security Assurance works to ensure no significant security risk escapes into customer-facing products, the supporting platform, or our enterprise technology stack by providing continual security assurance throughout the lifecycle.

Security Assurance functions include:

conducting design and implementation assessments, performing application security reviews, writing security recommendations, testing, researching security issues, building security tools, and other security related engagements.

We secure a broad range of technologies on-premise and in public cloud substrates, including sophisticated web applications, distributed processing systems, virtualized environments, etc.

Security Assurance supports our engineering teams on the full stack; from the application layer down, ensuring the security of our customer-facing products, and being security domain guides to engineering teams across Salesforce.

GENERAL SECURITY RESPONSIBILITIES
Partner with engineering teams; performing threat modeling, architecture risk analysis, identifying security vulnerabilities, and driving work items and bugs from these activities to resolution


INFRASTRUCTURE SECURITY RESPONSIBILITIES:
Ability to secure large, sophisticated enterprise architectures or systems deployed in public cloud

Brainstorm with counterparts in the engineering teams to drive security improvements upstream

Identify the trade-offs of different solutions and recommend designs to achieve both functional goals and security requirements

Perform testing, infrastructure/vulnerability assessments, and remediation activities

Work with engineering teams throughout the SDLC to ensure their efforts are secure


APPLICATION SECURITY RESPONSIBILITIES:
Perform design and code reviews of our flagship services and product offerings

Develop new automation and tooling to improve our analysis, detection, and prevention capabilities

Perform innovative applied research on new attacks and present new findings to both internal and external audiences

Develop secure code practices and provide hands-on training to engineering and operations


Minimum Qualifications:
Bachelor's degree in Computer Science, Computer Engineering, related technical field required, or equivalent practical experience

4+ years of meaningful work experience

An attacker's mindset

Demonstrated ability in a security engineering or security research role

Infrastructure and Application Security experience

Securing products and infrastructure from the OWASP Top 10 and CWE Top 25

Exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, etc.

Public Cloud:
Amazon Web Services, Google Cloud Platform, Microsoft Azure, Alibaba Cloud, etc.

Experience in software development in one or more languages: Java, Perl, Python, Ruby, etc.

Degree-level education, certification(s), and/or meaningful work experience

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces.

We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more.

Learn more about Equality at and explore our company benefits at
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer.

Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status.

Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

For Washington-based roles, the base salary hiring range for this position is $151,800 to $208,800. For California-based roles, the base salary hiring range for this position is $165,600 to $227,700. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits.

More details about our company benefits can be found at the following link:

#J-18808-Ljbffr