Enterprise Security Lead

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Product

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place!

About Our Team

Enterprise Security secures our enterprise environment that serves our rapidly growing workforce. As Enterprise Security Lead Engineer, you will partner closely with technology and business partners to understand their objectives, identify threats, and scale our enterprise security programs. You will collaborate with our Business and IT organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will also have the opportunity to identify emerging threats and design new processes that balance security and business agility across Salesforce!

Impact - Responsibilities

• Perform full stack security assessments (such as architecture and design reviews, code reviews, and penetration tests) across a diverse and sophisticated range of environments including:
  • Operating system and hardware platforms (server and client endpoints, mobile and other embedded devices)
  • Network infrastructure (switches, routers, wireless access points, load balancers, firewalls, VPN, SDN, cloud)
  • Authentication and authorization services (SAML, OAuth, Radius, Kerberos)
  • Public cloud infrastructure platforms and technologies (AWS, GCP, Azure, Terraform)
  • Middleware and API services
  • Web applications/SaaS applications
• Threat model common attacker methods to develop appropriate mitigation techniques, providing mentorship that balances security requirements with functional requirements.
• Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle.
• Define and develop technical security standards and guidelines with business partners.
• Research new technologies, emerging threats, and vulnerabilities for strategic planning and process improvements.

Minimum Qualifications:

• Bachelor's degree or equivalent experience in Computer Science, Engineering, Enterprise Security or related fields
• 6+ years experience in a security role with focus points in: application and network security, security engineering, infrastructure engineering, incident response/handling, penetration testing, red or blue team operations, intrusion detection, firewall/access control technologies, risk management, identity management, Windows, Mac or Linux security, encryption technologies, or endpoint security controls
• Knowledge of key areas pertaining to security such as common network security models and protocols, methods of resolving integrity and providing confidentiality, operating systems internals and vulnerabilities, public key infrastructure and digital certificates, exploit mitigation techniques, and application security
• Strong experience performing security assessments with common tools such as BurpSuite, Nexpose, Nessus, Metasploit, Nmap
• Experience performing manual and tool-assisted code reviews (Java, JavaScript, Python, and other languages)
• Hands-on experience designing solutions or performing security testing of cloud environments (AWS, Azure, Google Cloud)

Preferred Qualifications:

• Confirmed scripting experience in one or more of these languages: Bash, PowerShell, Python, Java, JavaScript / NodeJS. Experience with DevOps, CI/CD pipelines, or secure development lifecycles.
• Security certification such as OSCP, OSEP, GCIH, GCIA, GPEN, GWAPT, GMOB, GPPA, CCNP, CCNP Security, CCIE Security
• Experience performing detailed network traffic analysis, architecture review, and engineering network security solutions
• Experience writing security white papers and/or speaking publicly at industry security conferences and events.
• Knowledge of development and security practices on the Salesforce platform, Heroku, Slack, Mulesoft, and/or Tableau.
• Strong understanding of encryption technologies.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

For Washington-based roles, the base salary hiring range for this position is $176,800 to $243,100.

For California-based roles, the base salary hiring range for this position is $192,900 to $265,200.

Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.