Staff Software Engineer, Product Security, Tooling - Slack

Portland, OR, United States

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Software Engineering

Job Details

About Salesforce

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.

About Us

The Product Security Tooling team fortifies Slack’s security posture by developing and maintaining automated solutions that reduce the product’s attack surface. We build systems that identify security risks and enable risk owners to remediate them at scale. We work closely with Slack engineers to ensure that they have a frictionless and integrated developer experience with innovative security tools. We proactively find opportunities to reduce manual workflows in security processes and build automation to address bottlenecks.

The Team Has Two Major Workstreams

Vulnerability Management

Security Tooling

What You Will Be Doing

Be one of the lead engineers for the newly-formed Tools team with the ability to make a strong impact by automating our security processes

Unique opportunity to shape the team’s technical stack and product usage

Partner with Engineering and Technical Program Managers to create technical roadmaps. You will work to accomplish the team’s mission of build, buy, and operate internal and third-party security tooling at scale. Together, we will make results easily and programmatically accessible to the Slack Security and Engineering teams.

Establish a technical baseline and expectations for how to standardize the operation of application security tooling at Slack

Develop key performance indicators around vulnerabilities, triage, and security controls

Lead, mentor, and guide team members through the software development and operation lifecycles

Partner with people leader stakeholders to help influence change and promote cross-functional communication

Mentor and grow other engineers by providing thoughtful feedback during all phases of the development lifecycle

Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns

Serve as a public representative for security at Slack by engaging in internal and external speaking engagements

Take an active role in driving security initiatives at Slack

Seek out opportunities to automate processes when appropriate

What You Should Have

Bachelor’s degree in Computer Science, Computer Engineering, related technical field required, or equivalent practical experience

7+ years of proven experience in software development

Strong expertise in software engineering best practices

Experience coding in an industry-standard language such as Python (preferred), Go, Java, C#, Ruby, PHP, C++, PHP, or JavaScript

Experience with Amazon Elastic Compute Cloud Resources

A passion for improving security, systems, and processes

Experience designing, operating, and delivering internal and third party security services at scale

Ability to see the big picture and build out concise, comprehensive, yet realistic project plans

Experience working in a complex, matrixed organization involving cross-functional projects

Ability to balance short-term engineering tradeoffs with long-term investments

A track record of mentoring team members

Strong written and verbal communication skills, with high attention to detail

Ability to connect with emotional intelligence when delivering constructive feedback regarding security matters to engineers and product designers

Knowledge of common security vulnerabilities as published by OWASP, SANS, etc.

Knowledge of how to test code and applications across various platforms (iOS, Mac, Linux, Windows, Android, etc.) for security weaknesses and quality

Experience with containerized applications and their deployment, experience with secure software development, contributions to the security community (published research, blogging, public speaking, open source projects)

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.

Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.

Salesforce welcomes all.

#J-18808-Ljbffr