Posted over 5 years ago

Job CategoryProducts and Technology

Job Details

Open roles include:

Job level dependent on experience

Detection Engineer

Threat Intel Engineer

Threat & Vulnerability Management Engineer

CSIRT Engineer

Endpoint Security Engineer

Salesforce is looking to add to our expanding security organization. We're seeking Security Operations Engineers who are passionate about security and have had hands-on operational experience with infrastructure at a cloud scale. The Security Operations team is responsible for helping ensure that Salesforce becomes the most secure and compliant enterprise cloud solution. Security Operations includes the Detection Cloud, CSIRT, Threat & Vulnerability Management and Threat Intelligence teams among others. This group manages a fast-paced and constantly growing environment that seeks to implement cutting-edge technology to secure the infrastructure behind one of the world's largest business driving technologies. As a member of one of these Security Operations teams, you understand modern cyber threats, how to detect them, how to efficiently respond to them, and an interest in growing as a cyber security professional.

All Positions Require:

+ A passion for Information Security

+ Attention to detail

+ Experience in Information Security, including security operations

+ Security incident response in coordination with other teams across the company and/or externally as required

+ Monitoring devices such as network and host-based intrusion detection systems, web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs.

+ Understanding of attack vectors and tools as well as the best practices for securing systems and networks

+ Strong technical understanding of network fundamentals and common Internet protocols

+ Strong understanding of the information security threat landscape (attack vectors and tools, best practices for securing systems and networks, etc.)

+ Familiarity with Microsoft Windows, Mac OSX, and Linux/Unix system administration and security controls

+ Formulating and implementing monitoring, policies, procedures and standards relating to system security

+ Support ongoing and new security/compliance initiatives

+ The ability to build strong relationships with peers both internal and external to your functional group, and with peers/professional organizations outside your company

+ Must have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff.

+ Some travel may be required

+ Job level dependent on experience

Detection Cloud Engineers

Required Skills/Experience:

+ Experience analyzing security event data for anomalies. web application firewalls, database security monitoring systems, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs

+ Experience managing intrusion detection systems (such as Suricata or Sourcefire)

+ Experience configuring security incident and event management tools (such as LogRhythm, Symantec SIM, LogLogic), including creating event filtering and correlation rules and reports.

+ Ability to write intrusion detection system rules

Desired Skills/Experience:

+ Strong scripting skills (i.e. Python/Perl, shell scripting) a significant plus

+ Experience with Splunk or ElasticSearch

+ Relevant information security certifications OSCP, OSCE, SANS GCIA, SANS GCIH, SANS GPEN, SANS GFCA and CISSP

Threat Intelligence Engineers

Required Skills/Experience:

+ Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis

+ Strong background in query development for SIEM/IDS

+ In depth understanding of APT TTP's

+ Demonstrated understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation

+ Demonstrated hands-on experience analyzing high volumes of logs, network data (e.g. Netflow, PCAP, Flow Log), and other artifacts in support of incident investigations.

+ Experience with malware analysis concepts and methodology

+ Motivated self-starter with strong written and verbal communications skills, and the ability to create complex technical reports on analytic findings

Desired Skills/Experience:

+ Strong scripting skills (i.e. Python/Perl, shell scripting) a significant plus

+ Experience with Splunk or ElasticSearch

Threat & Vulnerability Management Engineers

Responsibilities:

+ System vulnerability assessments and remediation, including the assessment/deployment of vendor security updates

+ Security incident response in coordination with other teams across the company and/or externally as required

+ Design and develop tools to automate operations or reporting tasks

+ Support ongoing and new service/compliance initiatives

Required Skills /Experience:

+ Demonstrated understanding of general Unix/Linux systems administration (Or similar, e.g. Ubuntu, Solaris, etc.)

+ Working knowledge of standard Unix infrastructure tools/protocols (DHCP, DNS, NTP, SYSLOG, SSH, IPSec etc.)

+ Knowledge of host based security

+ Basic cross-functional understanding of network engineering concepts and protocols (e.g., TCP, UDP, SSL, etc.)

+ Experience with writing scripts and automation (Perl, Go, Shell, Python, etc)

+ Working in high-availability, 24x7x365 large-scale multi-data center environment

+ Experience with vulnerability scanning, web development, and server administration experience

CSIRT Engineers

The Security Incident Handler is responsible for leading the response to low and medium severity incidents and participating in the response to high severity incidents. This position is based in our 24x7 operations center and may require occasional weekend on-call shifts.

Required Skills:

+ Security monitoring, triaging and response experience in a 24/7/365 environment

+ Understanding of internet protocols (DNS, HTTP, HTTPS/TLS, SMTP)

+ Responding to security incidents in a production environment, such as investigating and remediating possible endpoint malware infections and mitigating email borne threats such as spam and phishing.

Desired Skills:

+ System forensics/investigation skills, including analyzing system artifacts (file system, memory, running processes, network connections) for indicators of infection/compromise.

+ ?Scripting skills (i.e. Python/Perl, shell scripting) a significant plus.

+ Relevant information security certifications, such as CISSP, SANS GCIA, SANS GCIH, SANS GPEN, SANS GCFA, Offensive Security OSCP.

Endpoint Security Engineers

As the Endpoint Security Engineer, you will be focused on protecting Salesforce assets from threats. In this role, you'll be responsible for ensuring Salesforce's suite of endpoint security tools are deployed on every supported endpoint.

Required Skills/Experience:

+ Experience managing client-server architectures.

+ Must have strong problem-solving and analytical skills and demonstrate poise and ability to act calmly and competently in high-pressure, high-stress situations.

+ Must have a fundamental understanding of accepted security practices, troubleshooting issues, attack vectors, and customer support.

+ Strong operational knowledge of Windows Server, Windows Client, Linux, Mac, iOS, Android Operating Systems.

+ Strong understanding of Network Protocols.

+ A clear understanding of the OSI model, TCP/IP and industry-standard defensive concepts.

+ Experience operating, troubleshooting, installing, and configuring endpoint security solutions (e.g. Antivirus, Application Whitelisting, Host Intrusion Prevention and Firewall, Forensic Analysis Tools, Advanced Malware Solutions, IOC Sweepers).

+ Experience deploying and configuring various security tools on large enterprise endpoints.

+ Responsible for scheduling, testing, and implementing enhancements or new releases of the endpoint security stack.

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes's "World's Most Innovative Company"

+ *LI-Y

Posting Statement

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work For six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!