Senior Enterprise Security Engineer

Company: Salesforce
Location: Bellevue
Posted on: April 24, 2024

Job Description:

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts. Job Category Product Job Details About Salesforce We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place. Are you a security professional passionate about translating technical risks into balanced guidance for a diverse workforce? Are you inspired by innovating pragmatic solutions for security challenges across a broad range of enterprise infrastructure platforms and products? Do you get excited about enabling an effective security program at scale?

Enterprise Security Assurance secures our enterprise environment that serves our rapidly expanding workforce. In this role, you will partner closely with technology and business partners to understand their objectives, identify threats, and scale our enterprise security programs. You will collaborate with our Business and IT organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will also have the opportunity to identify emerging threats and design new processes that balance security and business agility across Salesforce.

Primary Responsibilities:

• Perform full stack security assessments of a diverse and complex range of environments including:
• Operating system and hardware platforms (server and client endpoints, mobile and other embedded devices)
• Network infrastructure (switches, routers, wireless access points, load balancers, firewalls, VPN, SDN, cloud)
• Authentication and authorization services (SAML, OAuth, Radius, Kerberos)
• Public cloud infrastructure platforms and technologies (AWS, GCP, Azure, Terraform)
• Securing Web Applications, SaaS pentesting
• Code Reviews and SDLC
• Security Architecture Design Reviews
• Threat model common attacker methods to develop appropriate mitigation techniques.
• Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle.
• Define and develop technical security standards and guidelines with business stakeholders.
• Research new technologies, emerging threats, and vulnerabilities. Minimum Qualifications:
  • 3+ years experience in one of the following security roles: security operations, security engineering, incident response, penetration testing, intrusion detection, network security, application security, identity management, cryptography, or endpoint security controls (Experience varies by role level)
  • Understanding of major areas pertaining to security:
  • Common network security models and protocols
  • Methods of determining integrity and providing confidentiality
  • Operating systems internals and vulnerabilities
  • Exploit mitigation techniques
  • Application security
  • Excellent communication skills with experience providing advice to internal customers on risk assessment, threat modeling, and remediation of vulnerabilities
  • Ability to distill complex technical information verbally during situation reports and briefings
  • Proven project management and organizational skills
  • Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team Preferred Qualifications:
    • Relevant scripting experience in one or more of these languages: Bash, Powershell, Python, Java, JavaScript / NodeJS. Experience with DevOps, CI/CD pipelines, or secure development lifecycles.
    • At least one security related certification such as OSCP, GCIH, GCIA, GPEN, GWAPT, GMOB, GPPA, CCNP, CCNP Security, CCIE Security
    • Hands-on experience designing solutions or performing security testing of cloud environments (AWS, Azure, Google Cloud)
    • Experience performing detailed network traffic analysis, architecture review, and engineering network security solutions
    • Experience writing security white papers and/or presenting at industry security conferences and events.
    • Strong working experience with common security assessment tools such as BurpSuite, Nexpose, Nessus, Metasploit, Nmap
    • Strong understanding of encryption methods Accommodations If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form. Posting Statement At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com. Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce. ---Salesforce welcomes all. Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records. For Washington-based roles, the base salary hiring range for this position is $151,800 to $208,800. For California-based roles, the base salary hiring range for this position is $165,600 to $227,700. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.

Keywords: Salesforce, Sammamish , Senior Enterprise Security Engineer, Engineering , Bellevue, Washington