Security Threat Detection Engineer, PMTS
California - San Francisco Metro - Remote, United States
Full Time Senior-level / Expert USD 184K - 306K
Salesforce
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Software Engineering
Job Details
About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI + Data + CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
Our Security team supports the unwritten fourth tenet of Slack's mission: make people's working lives more secure. We are passionate about protecting our infrastructure, operations, and most importantly, our customer data. We take a thoughtful approach to security, and strive to deliver low-friction, high-impact features to protect our customers.
As Slack’s data, customers and features grow, protecting customer data becomes an even more significant challenge. As a member of the Slack Security Customer Protection team, you would be primarily focussed on detecting entities who intend or attempt to use Slack for malicious purposes. You will develop and use tools to tease out high-fidelity signals from the noise, while collaborating with your peers to respond to and eradicate unwelcome behaviors (such as fraud, abuse, spam, etc.) on the platform. You will develop and deploy analytics that inspect the Slack internal telemetry for suspicious behaviours and surface them as anomalies to our customers.
Slack has a positive, diverse, and encouraging culture—we look for people who are curious, innovative and work to be better every single day! In our work together we seek to be smart, humble, hardworking and, above all, collaborative.
What you will be doing
You will understand the current data pipelines and datasets, and come up with innovative solutions to analyze them and identify unique outliers and patterns
Participate in efforts to organize and query the datasets to support various detection engineering projects in flight
Envision and develop innovative signals and roll them out across customer workspaces, which would aid the customer to identify anomalous behavior within their workspace, across different stages of the Kill Chain.
Collaborate with key multi-functional teams (Data and Backend engineering teams, Core platform and product teams etc.) to contribute towards security specific in-product feature development efforts.
Partner with fellow security practitioners to develop and maintain internal tools and solutions that support our detection engineering efforts
Requirements
Strong experience in Information Security centric roles, devising strategies and building controls to counter sophisticated and constantly evolving threats.
Ability to envision various Security Incident scenarios that could impact a customer and take an empathetic approach to developing detections to aid customers
Ability to query large amounts of data to investigate anomalous activity and deploy detections to surface similar activity when it occurs in other customer workspaces
Experience understanding Threat Actor Tactics, Techniques & Procedures (TTPs) and able to build detections to detect such TTPs
Experience working in a security function, particularly Digital Forensics and Incident Response (DFIR), Threat Detection and/or Threat Hunting background.
Expertise in high-level programming languages, particularly Python or Go. Ability to write efficient SQL queries and dig out relevant information.
Accommodations
If you require assistance due to a disability when applying for open positions, please submit a request via this Accommodations Request Form.
Posting Statement
Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that’s inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
For California-based roles, the base salary hiring range for this position is $184,000 to $306,600. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.
Tags: Analytics DFIR Forensics Incident response Python SQL Threat detection TTPs
Perks/benefits: Career development Equity / stock options Startup environment