Posted almost 5 years ago

Open Roles Include:

Infrastructure Security Engineer

Product Security Engineer

M&A Security Engineer

Enterprise Security Engineer

As a penetration tester at Salesforce.com you will uncover vulnerabilities and help facilitate removal. You will perform penetration tests, information security assessments, and application security assessments on a wide variety of environments. You will work with talented technical experts from various Salesforce.com teams on a regular basis. Top contributors will enjoy the freedom to work with limited barriers and the experience of working with other talented and passionate information security professionals.

All Positions Require:

Responsibilities:

• Perform penetration tests and vulnerability assessments

• Facilitate removal or remediation of vulnerabilities in collaboration with our broader engineering and operations teams

• Contribute to our penetration testing program and toolkit

• Research new threats, attack vectors and risks

• Collaborate with your colleagues

Minimum Qualifications:

• BS/MS degree, or relevant work experience

• Infrastructure and application level penetration testing experience

• Expert knowledge in computer and network security

• Extensive knowledge of the OWASP Top 10 and CWE Top 25

• Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.

• Experience in software development, Java, PHP, Perl, Python, Ruby, or other relevant languages

• BS Computer Science or equivalent knowledge and experience

• A hacker's mindset

• Experience with the latest and greatest penetration testing tools

Desired Skills and Credentials:

• Assembly/exploit development experience

• Bug bounty awards

• Information security certifications, GPEN, OSCP, OSCE, OSWE, CEH, CISSP

• Ability to self motivate when given strategic goals

Leveling: We are looking for the best security engineers in the world. If you fit that profile, we will work with you to ensure that your job title/level is aligned to your skill set. We are hiring for mid, senior, lead, and principal level security engineers.

Specific Openings:

​

Infrastructure Security Engineer:

Penetration testing, networks, infrastructure, secure software development lifecycle, vulnerability assessments and remediation. Work with Infrastructure engineering teams throughout the SSDL to ensure their efforts are secure.

• ​​San Francisco (CA), Bellevue (WA), Herndon (VA), Burlington (MA)

Product Security Engineer:

Penetration testing, applications, products, secure software development lifecycle, vulnerability assessments and remediation. Work with Product engineering teams throughout the SSDL to ensure their efforts are secure.

• ​Burlington (MA), San Francisco (CA), Bellevue (WA), Indianapolis (IN)
• Remote work is available for Senior, Lead and Principal Level talent with exceptional skills

​

M&A Security Engineer:

Static code analysis, penetration testing, code assessments and remediation. Find vulnerabilities in the infrastructue + products of Salesforce’s acquisitions, drive remediation and adoption to Salesforce’s security standards & practices.

• ​San Francisco (CA), Bellevue (WA), Indianapolis (IN), Herndon (VA), Burlington (MA)
• Remote work is available for Senior, Lead and Principal Level talent with exceptional skills

​

Enterprise Security Engineer:

Penetration testing, networks, infrastructure, vulnerability assessments and remediation. Work on products from third parties and enterprise proprietary systems to ensure security before being added to Salesforce’s ecosystem.

• ​San Francisco (CA), Bellevue (WA)
• Remote work is available for Senior, Lead and Principal Level talent with exceptional skills
• 15-25% travel is required for this role

Statement from Salesforce

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and this level of growth equals incredible opportunities to grow a career at Salesforce. Together, with our whole Ohana (Hawaiian for \"family\") made up of our employees, customers, partners, and communities, we are working to improve the state of the world!​

*LI-Y

Posting Statement

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.