Product Security Engineer

New York, NY, United States

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Product Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

Salesforce Inc.  seeks Product Security Engineer in New York, NY:

Job Duties: Participate in Security Risk Assessment workshops and interviews with technical teams, engineers and developers. Investigate, process Security Issues and Exceptions and provide visibility to leadership. Coordinate with Security Assurance, Control Owners, Business units/stakeholders on Corrective action plan, follow up, validation and resolution of issues, exceptions and extensions identified. Participate in compliance external audits with control owners and business units/stakeholders to support the timely and high-quality execution of certification programs. Obtain and analyze control process policies, standards and supporting documentation. Identify and document areas of gaps or risks in existing control processes and work to develop solutions with internal business partners. Work with Engineering teams to figure out how to deliver security requirements within their tools in a usable and meaningful way. Identify areas of improvement for how information security standards are structured and managed to increase usability and ease of use from end user feedback. Create dashboards to help manage and provide visibility into the current state of the Salesforce ISMS program. Participate in Internal Controls Testing and interviews with Control Owners. Obtain and analyze control process policies, standards and supporting documentation. Assist in scoping and planning readiness/external audit work. Status reporting and tracking of ongoing assessments. Participate in readiness/external audit walkthroughs. Scope and perform application security reviews of our full stack web applications, APIs, and platform architectures. Provide our engineers with well-researched security advice to demonstrate vulnerabilities and provide secure development guidance. Assist in the triage of vulnerabilities that are found internally, privately or publicly disclosed, or reported through our bug bounty program. Telecommuting is an option. Some travel to Salesforce offices may be required.

Minimum Requirements: Master’s degree (or its foreign degree equivalent) in Cybersecurity, Engineering (any field), or a related quantitative discipline.

A related technical degree required (Cybersecurity, Engineering (any field)).

Special Skill Requirements: 1.) Security Assessments; 2.) Code Reviews; 3.) Penetration Testing; 4.) Operating system security and vulnerabilities; 5.) Secure Network Design; 6.) Writing scripts to automate detection of Vulnerabilities; 7.) Produce research and collaborate with peers in the broader infosec community; 8.) Experience with secure development practices; 9.) Securing Cloud-based workloads; 10.) OWASP Top 10 Vulnerabilities;  11.) Threat Modeling;  12.) Auditing Security controls; 13.) Vulnerability Assessments; 14.) Familiarity with security protocols at different network layers; and 15.) Ability to analyze and assess security protocols. Telecommuting is an option. Some travel to Salesforce offices may be required.

Submit a resume using the apply button on this posting or by email at: [email protected] at Job# 21-1163. Salesforce is an Equal Opportunity & Affirmative Action Employer.

#LI-DNI

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

Salesforce welcomes all.

For New York-based roles, the base salary hiring range for this position is $114,795 to $188,600. For Colorado-based roles, the base salary hiring range for this position is $114,795 to $188,600. For Washington-based roles, the base salary hiring range for this position is $114,795 to $188,600. For California-based roles, the base salary hiring range for this position is $114,795 to $188,600. For Hawaii-based roles, the base salary hiring range for this position is $114,795 to $188,600. Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.