_To get the best candidate experience, please consider applying
for a maximum of 3 roles within 12 months to ensure you are not
Products and Technology
We are looking for a seasoned security engineer that wants to
leverage their existing penetration testing, offensive security,
DevSecOps, and/or infrastructure engineering skills within a
dynamic and fast-moving cloud environment. The work will focus
primarily on full stack infrastructure security and product
security assessments and will include conducting deep dive pentest
engagements across multiple clouds, acquisitions, and first-party
and public cloud environments; performing code review, threat
modeling, assisting the engineering teams of acquisitions integrate
with Salesforce standards, and assisting acquisition engineering
teams remediate issues uncovered during security testing.
+ Role: Offensive Security/Pentester
+ Level: Senior or Lead
+ Location(s): Bellevue, WA / Bay Area, CA / US / Remote
+ Perform grey and white box penetration testing; leverage code
review skills to identify vulnerabilities and test
internally-developed systems and network automation tools, as well
as third-party vendor solutions
+ Provide security guidance and input to engineering and
operational teams during design review and threat modeling
+ Develop secure coding practices and recommend technical
mitigations for systems and network-focused development teams
+ Develop hardening guidelines and review security
+ Experience in infrastructure vulnerability assessments and
+ Experience with static and dynamic code analysis
+ Experience threat modeling SaaS products, cloud
infrastructure, RESTful microservices, etc
+ Strong IaaS security skills, with a focus on AWS, Azure,
+ Strong scripting/development skills (ex: Python, Go, Ruby,
+ Experience fuzzing applications and protocols
+ Track record of bug bounty awards and/or CVEs
+ Knowledge of secure software development lifecycle
+ Experience performing code and infrastructure design
+ Familiarity with building, deploying, maintaining security
+ Proficiency in Linux systems engineering/operations
+ Understanding of Microsoft Windows Server/AD deployments
+ Assembly/exploit development experience
**The Ideal Candidate:**
+ Thinks like an attacker
+ Some way, somehow finds a way to "get it done"
+ Active within the security community
+ Has presented/published interesting bugs or CVEs
+ Full stack pentester (80% infra / 20% web app)
+ Code review experience
+ Knowledge of securing infrastructure on one or more cloud
providers (AWS, GCP, Azure)
+ Demonstrable history of build and deploy within a dynamic
enterprise cloud environment
+ Deep engineering, SecDevOps, and/or pentest experience in a
public cloud environment
+ Strong IAM experience
+ Design review experience
+ Proficiency in one or more scripting languages
**Accommodations** **-** If you require assistance due to a
disability applying for open positions please submit a request via
this Accommodations Request Form.
At Salesforce we believe that the business of business is to
improve the state of our world. Each of us has a responsibility to
drive Equality in our communities and workplaces. We are committed
to creating a workforce that reflects society through inclusive
programs and initiatives such as equal pay, employee resource
groups, inclusive benefits, and more. Learn more about Equality at
Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment
Opportunity and Affirmative Action Employers. Qualified applicants
will receive consideration for employment without regard to race,
color, religion, sex, sexual orientation, gender perception or
identity, national origin, age, marital status, protected veteran
status, or disability status. Salesforce.com and Salesforce.org do
not accept unsolicited headhunter and agency resumes.
Salesforce.com and Salesforce.org will not pay any third-party
agency or company that does not have a signed agreement with
Salesfore.com or Salesforce.org.
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los
Angeles Fair Chance Initiative for Hiring, Salesforce will consider
for employment qualified applicants with arrest and conviction
Founded in 1999, Salesforce is the global leader in Customer
Relationship Management (CRM). Companies of every size and industry
are using Salesforce to transform their businesses, across sales,
service, marketing, commerce, and more by connecting with customers
in a whole new way. We harness technologies that can revolutionize
companies, careers, and, hopefully, our world.
Salesforce is built on a set of four core values: Trust,
Customer Success, Innovation, and Equality. By making technology
more accessible, we're helping create a future with greater
opportunity and equality for all. This has taken our company to
great heights, including being ranked by Fortune as one of the
"Most Admired Companies in the World" and one of the "100 Best
Companies to Work For" eleven years in a row, and named "Innovator
of the Decade" and one of the "World's Most Innovative Companies"
eight years in a row by Forbes.
There are those who choose to work with the best and brightest.
And then, there are those who want to do more than just a job. They
are the ones improving lives, not only their careers. Having an
impact now instead of later. Doing something that's so much bigger
than themselves, an industry, and their company.
We believe everyone can be a Trailblazer. Join Salesforce and
discover a future of new opportunities.