Lead Acquisition Product Security Engineer
This job is no longer active.
View similar jobs.
POST DATE 9/17/2016
END DATE 11/4/2016
Little Rock, AR
JOB DESCRIPTIONAPPLY Post Date:
Salesforce will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.
Have you ever wanted to work in the fast pace of a startup, with the support of a company that actually cares about security*
Trust is the #1 company value at Salesforce. As part of the realization of this value, our Acquisition Security team assesses and ensures the security of products we acquire. We serve as subject-matter experts for acquisition engineering teams and guide them through a Trust process, specializing in rapid deployments and phased additions of security controls. We are a team of diligent and curious minds that specialize in numerous programming languages, startup technologies, cloud environments, penetration testing, and innovative tool development.
With the full backing of our executive leadership at both Salesforce and the acquisitions, you'll work closely with technology leaders to help create innovative security solutions for our products, and educate our teams on secure application development and emerging threats. As part of our team you will create tools with the different engineering teams that scale across acquisitions and the Salesforce product.
* Evaluate risks and vulnerabilities associated with a potential acquisition.
* Present the security risks of a potential acquisition to executives.
* Be able to speak authoritatively on a variety of security topics at a high level.
* Learn the risks uniquely associated with acquisition (large and small) environments and be able to adjust risk tolerances as necessary.
* Know several programming languages and are able to quickly learn others. Be able to articulate their inherent security pros and cons.
* Guide the organization's security and privacy initiatives by participating in design reviews and threat modeling.
* Participate in incident response and vulnerability remediation efforts.
* Evaluate application security tools for internal consumption.
* Develop new automation and tooling to improve detection and prevention capabilities.
* Develop secure code practices and provide hands-on training to developers and quality engineers at different acquisitions.
* M.S. in Computer Science, Electrical Engineering or related experience.
* 7+ years work experience in an application security role.
* Expert at identifying and protecting against web application vulnerabilities.
* Strong knowledge of the web browser security model, cryptography, and network security.
* Experience securing environments in cloud providers such as AWS.
* Startup or Merger & Acquisition Experience
* Contributions to the security community such as: research, public CVEs, bug-bounty recognitions, open-source projects, blogs, or publications.
* Familiarity with security tools such as static analysis, runtime analysis, black-box testing.
* Security "attacker" mindset: Passion for breaking all the things unbreakable.
Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work For six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!
Salesforce.com is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com does not accept unsolicited headhunter and agency resumes. Salesforce.com will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com.