Job Details

Senior Infrastructure Security Engineer (Threat Design Review)

San Francisco, California, United States
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job CategoryProducts and TechnologyJob DetailsSenior Infrastructure Security EngineerTrust is the #1 company value at salesforce. Our team secures the shared-services, platforms and shared infrastructure used by organizations to develop & deploy various Salesforce services.You'll work partner with product software engineers to design, threat-model and verify the implementations of these services and educate our teams on secure application development and emerging threats. In addition, you will create new tools, conduct industry-leading research, and solve challenging technical problems on the forefront of security.Must Have:Demonstrated ability and experience securing large complex enterprise architectures or systems deployed in public cloudDemonstrated ability and experience performing threat modeling / data flow diagramming / architecture risk analysis, identifying bugs and flaws and driving work items from these activities to resolutionDemonstrated ability to work with engineers to identify the tradeoffs of different solutions and recommend the ideal design that meets the team's (non)-functional requirements as well as our security requirements.A passion around improving security development lifecycle and delivering security guidance to engineers in language they understand.Strong writing and presentation skills. Should be able to communicate at all levels in the organizations and in some situations act as a technical writer. Possess the ability to communicate concisely, clearly, and intelligently to partners from a variety of backgrounds, including those who are non-technical.Offensive mindset: consider abuse and attack paths as well as the defensive mindset to recommendations to prevent themAbility to suggest well written and complete remediation guidelines for the bugs found during the review.Ability to adapt to evolving security and business priorities quickly and effectively.Presentation/communication skills, particularly for an executive audienceNice-to-Have:Ability to work with data, identify trends and propose comprehensive mitigations that eradicate systemic security concernsExperience managing or participating in an information security program and improving or proposing improvements to a secure development lifecycleSome experience performing penetration testing or familiarity with the processFamiliarity with compliance and security requirements and an ability to translate these product requirements.Reasonable understanding of cryptography and able to recommend standard solutions for protecting data at rest and in storage, transport and identity purposesA functional understanding of one or more public cloud providers: AWS / GCP / AzureExperience with building or specifying requirements for security automationWorking knowledge of the OWASP Top 10 Security vulnerabilities and/or WASC 25 Security Vulnerabilities Education:Bachelor's Degree preferredAccommodations - If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form. Posting StatementAt Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits. and are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. and do not accept unsolicited headhunter and agency resumes. and will not pay any third-party agency or company that does not have a signed agreement with or welcomes all.Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Send application

Mail this job to me so I can apply later

Apply With CV

You are not logged in. If you have an account, log in to your account. If you do not have an account, why not sign up? It only takes a minute!

latest videos

Upcoming Events