October 22, 2016
  • This company is committed to hiring veterans.

Production Product Security, Linux OS & Web Application Security

Salesforce.com - Santa Monica, CA

View Job Summary View Job Summary
  • Company
    Salesforce.com Salesforce.com
  • Location
    Santa Monica, CA
  • Job Type
  • Job Classification
    Full Time
  • Experience
    Entry Level (0 - 2 years)
  • Education
    Bachelors Degree
  • Company Ref #
    49124_Santa Monica
  • AJE Ref #

Job Description

Post Date:

Salesforce will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

Trust is the #1 company value at salesforce. Our Product Security team ensures the security of our products and serves as subject matter experts for our infrastructure and network operations teams in today's rapidly evolving threat landscape. We are a team of curious minds that specialize in security research, penetration testing, and innovative tool development. We work in a large scale, multi-tenant environment that includes Linux OS and AWS.

Your role will be to work side by side with the existing product security team members, utilizing your deep knowledge of black box testing and penetration testing of our Linux OS, AWS and related automation software and related web application security software to find vulnerabilities, and coach internal teams on remediations. You will also help to ensure that related security policies and procedures are adhered to with the goal of keeping salesforce data secure. You'll work closely with the technology organization to evaluate the design and implementation and upgrades/modifications to our datacenters. You will also help to educate the infrastructure security software engineering team on secure application development and emerging threats. In addition, you will create new tools, conduct industry-leading research, and solve challenging technical problems on the forefront of Linux OS and application security.


* Perform Black-Box penetration testing and code reviews of internally developed linux os automation, api, and related Linux OS tools, as well as 3rd party vendor solutions

* Provide security guidance and oversight to engineering and operational teams by participating in design reviews and threat modeling for Linux OS and related web application security

* Develop hardening guidelines and review security configurations related to Linux/Unix hosts, and common application web application frameworks

* Provide security guidance and architectural review for logical datacenter designs

* Research new security technologies and perform cutting-edge research on new attacks


* B.S. / M.S. in Computer Science, Electrical Engineering or related experience.

* Work experience in Linux OS security role

* Work experience in a web application security role

* Relevant experience in at least 2 of these languages with reasonable: proficiency.Java, Javascript, C, Python, Perl, Ruby, Go, Java EE, Node.js, Ruby on Rails, Django

* In-depth experience identifying and mitigating security vulnerabilities in web applications and operating systems

* Experience working with RedHat Enterprise Linux (RHEL) or other Unix/Linux operating systems


* Expertise in database security with Oracle, MySQL or PostgeSQL

* Network security penetration testing and vulnerability assessments

* Expertise with virtualization and hypervisor security

* Embedded device firmware analysis or reverse engineering experience

* Background with automated configuration management and/or build management tools

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work For six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!

Salesforce will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.

Salesforce.com is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com does not accept unsolicited headhunter and agency resumes. Salesforce.com will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com.