Staff Software Engineer, Product Security, Tooling - Slack
Portland, OR, United States
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Software Engineering
Job Details
About Salesforce
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
About Us
The Product Security Tooling team fortifies Slack’s security posture by developing and maintaining automated solutions that reduce the product’s attack surface. We build systems that identify security risks and enable risk owners to remediate them at scale. We work closely with Slack engineers to ensure that they have a frictionless and integrated developer experience with innovative security tools. We proactively find opportunities to reduce manual workflows in security processes and build automation to address bottlenecks.
The Team Has Two Major Workstreams
Vulnerability Management
Security Tooling
What You Will Be Doing
Be one of the lead engineers for the newly-formed Tools team with the ability to make a strong impact by automating our security processes
Unique opportunity to shape the team’s technical stack and product usage
Partner with Engineering and Technical Program Managers to create technical roadmaps. You will work to accomplish the team’s mission of build, buy, and operate internal and third-party security tooling at scale. Together, we will make results easily and programmatically accessible to the Slack Security and Engineering teams.
Establish a technical baseline and expectations for how to standardize the operation of application security tooling at Slack
Develop key performance indicators around vulnerabilities, triage, and security controls
Lead, mentor, and guide team members through the software development and operation lifecycles
Partner with people leader stakeholders to help influence change and promote cross-functional communication
Mentor and grow other engineers by providing thoughtful feedback during all phases of the development lifecycle
Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns
Serve as a public representative for security at Slack by engaging in internal and external speaking engagements
Take an active role in driving security initiatives at Slack
Seek out opportunities to automate processes when appropriate
What You Should Have
Bachelor’s degree in Computer Science, Computer Engineering, related technical field required, or equivalent practical experience
7+ years of proven experience in software development
Strong expertise in software engineering best practices
Experience coding in an industry-standard language such as Python (preferred), Go, Java, C#, Ruby, PHP, C++, PHP, or JavaScript
Experience with Amazon Elastic Compute Cloud Resources
A passion for improving security, systems, and processes
Experience designing, operating, and delivering internal and third party security services at scale
Ability to see the big picture and build out concise, comprehensive, yet realistic project plans
Experience working in a complex, matrixed organization involving cross-functional projects
Ability to balance short-term engineering tradeoffs with long-term investments
A track record of mentoring team members
Strong written and verbal communication skills, with high attention to detail
Ability to connect with emotional intelligence when delivering constructive feedback regarding security matters to engineers and product designers
Knowledge of common security vulnerabilities as published by OWASP, SANS, etc.
Knowledge of how to test code and applications across various platforms (iOS, Mac, Linux, Windows, Android, etc.) for security weaknesses and quality
Experience with containerized applications and their deployment, experience with secure software development, contributions to the security community (published research, blogging, public speaking, open source projects)
Accommodations
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
Posting Statement
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.
#J-18808-Ljbffr