Posted about 1 year ago
The Security Engineering team is hiring a Director of Software Development to lead the development of cloud platforms for performing automated code and package security analysis. Our mission is to build highly-available and highly-scalable distributed systems operating as a cloud platform-as-a-service (PaaS) that is capable of performing software security testing (including AST/DAST) using state-of-the art security tools, to assess the risk associated with the tested software, and to automate workflows for driving remediation of the findings. As Director of Software Development, you will manage a new development team responsible for designing, coding and maintaining such innovative security platforms. You will be responsible for hiring and retaining the best security talent around, growing your team and the people on it, and helping guide the technical direction.
This position is located in Bangalore, India and will report into our U.S. security leadership.
Develop short- and long-term product and service strategies in partnership with other engineering and operations teams
Drive design and implementation of innovative distributed software platforms for continuous assessment of security posture of the code and third-party packages used by Salesforce engineers
Lead development teams in a full-service ownership model following Agile methodologies
Manage devops activities for owned services in a 24/7 runtime environment, including driving investigations to determine root cause and implement solutions.
Collaborate with other engineering teams to solve security problems with minimal disruption to other business functions.
Hire, train and assess the performance of direct reports according to corporate policies and procedures.
Assist in the growth of employees through coaching, training and career development activities.
Interact with industry experts, vendors, partners, internal staff and auditors
Work effectively as part of a geographically distributed team
Occasional travel is required (domestic and international)
Industry experience. 10+ years of experience in software development, including:
5+ years experience in SaaS, PaaS or IaaS software development
5+ years experience in a high-availability 24/7 environment (cloud platforms are a plus)
Management experience. 3+ years of direct people management experience, with at least 5 direct reports.
Education. M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with equivalent years of experience
Platform development. Proven track of designing, coding and delivering large-scale PaaS or IaaS systems, especially on public cloud substrates (AWS/GCP)
Programming. Proficiency in object-oriented and multi-threaded programming to support code-reviews and guiding engineers in at least one of the following languages: Golang, Java, C++, Python
Security. Strong knowledge in security fundamentals: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI), vulnerability management
DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
Team. Ability to lead, motivate and grow teams of developers in a challenging, dynamic and global environment
Agile. Prior experience managing teams using agile methodologies (Scrum, Kanban)
Communication. Excellent oral and written communication skills in English
Distributed systems. Expertise in designing, implementing and operated distributed systems architectures and concepts, including several of the following:
High-performance, high-availability (99.999%) and self-recoverable systems
Control, orchestration and automation platforms leveraging containers or VMs
Storage solutions, in particular MySQL (e.g., Cassandra, MongoDB, Hadoop, Redis, Zookeeper)
Consensus and consistency frameworks (e.g., Paxos, Raft, eventual consistency)
Data-processing systems (e.g., Lambda architecture, Kafka, RabbitMQ, ELK)
RPC frameworks (e.g., Protobuf/gRPC, Thrift, Bond)
Open-source Scanning. Experience scanning open source software (OSS) and understanding flaw reports using component integration tools (e.g., Sonatype's Nexus, Veracode, Black Duck, Snyk)
SAST/DAST. Hands-on experience using or managing Static/Dynamic Application Security Testing tools (e.g, CheckMarx, Veracode, HP Fortify, Coverity, IBM AppScan, Parasoft, Klocwork, CodeSonar, Burp)
Operating systems. Development and software management on Linux systems (e.g., CentOS, RHEL)
Software design. Demonstrated expertise in applying systems patterns (e.g., Client-server, N-tier, Master/Slave, MVC) and API constructions (e.g., Swagger, OpenAPI)
Full-software ownership from idea to running in production: design, code, writing unittests, performing integration tests, deploying to production, supporting the system in the production environments
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole Ohana (Hawaiian for \"family\") made up of our employees, customers, partners and communities, we are working to improve the state of the world!
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.