Trust is the #1 company value at Salesforce. Salesforce.com hosts web services and applications written by thousands of internal developers and tens of thousands of customers to provide the largest SaaS platform on the planet.
Our Security Software Engineering team builds and operates highly scalable, fault-tolerant, distributed systems to deliver cloud-scale security software services. We provide the fundamental building blocks to improve and preserve customer trust in Salesforce's products across multiple public cloud substrates and our own network infrastructure. We leverage many open source technologies, including big data, machine learning, no-SQL database, container, Kubernetes, Istio to architect and implement our services, to protect Salesforce products/infrastructure and defend against malicious attacks. Our products' massive complexity requires our software engineers to be highly adoptive to new technology and methodologies and have the strong ability to deliver reliable software services under pressure. Prior security knowledge is not strictly required. You will have the unique opportunity to learn from the best industry security experts and integrate that into your software and service engineering.
Our expanding team is looking for experienced Distributed Systems Developer (position level dependent on experience).
Some key investments in our space include:
Security Foundation Services:
Develop and deliver reliable and scalable foundational services. These key building blocks - like key and secret management systems, PKI (public key infrastructure), service-to-service authn/authz and data encryption - enable the security of all other services and permit the protection of our customer data.
Identity and Access:
Design and implement consistent and scalable identity and access services for all of Salesforce, integrating our IT network, public cloud infrastructure, and our own data centers, and empowering all our engineers to operate these environments in a secure manner.
Threat Detection and Response Services:
Develop highly scalable, automatic and flexible defense system integrating extensive data collection, big data processing, machine learning detection, automatic response, and automatic mitigation across all our data centers, IT infrastructure and public cloud environments.
Trust is Salesforce’s number one value. And we invest heavily in the security space to create the most secure enterprise cloud platform. Threat Detection & Response is one of the most critical components of our security defense system. It involves complex subsystems including massive data collection, detection through complex rules and machine learning, highly scalable response automation, deep investigation capability, and mitigation solutions. All these solutions are built in our cloud environment with large scale distributed system. The architects in the D&R Engineering organization will partner with engineering managers to guide the team to design, implement and run these complex services. You are expected to bring in deep architecture and design knowledge, excellent engineering practice, as well as capability to provide a high-quality hands-on implementation.
Threat and Vulnerability Management Engineering:
Design, development and implement scalable vulnerability management infrastructure for all of Salesforce, integration of diverse assets data within data centers, public cloud infrastructures, IT network, and provide threat / risk reporting.
Secure Software Development Lifecycle:
Under this umbrella, we design, build and deliver highly available, disaster proof, public cloud hosted services for the entire Salesforce developer community and increase the security of Salesforce's products. Just a few of these include Credentials Scanning as a Service (find secrets and credentials hidden in our source code), Container Scanning as a Service (ensure that the container images being deployed for AWS, GCP, and Gov Cloud are free of vulnerabilities), 3PP as a Service (ensure that we do not inherit a third party developer's security vulnerabilities), Static Code Analysis as a Service (ensure that the Salesforce's own code -in any language- is free of security Vulnerabilities). These projects are all targeted directly at the developer community and have various touch points including integration with various CI and SCM systems.
Continuous Security Monitoring (CSM):
CSM is a continuous process of evidence collection, comparison of evidence to a known standard, and flagging divergence thereby assuring operating effectiveness of security controls. This involves collecting bits of data from endpoints (we've worked with OSQuery and Tanium), pumping that into a data lake (Kafka endpoints with a Hadoop/Hbase over S3 storage), dockerized containers for the backend and job scheduling and finally working that data into Salesforce Objects for dashboards and analytics.
The Network Security Engineering team is building a new internal cloud platform for various network security controls and management. Our mission is to develop highly-available and performant distributed systems to provide security at the network level in our private and public clouds, including micro-segmentation, network policy distribution, access control at host/device level, distributed firewall and DDoS prevention. Our scope is a wide range of compute substrates, including bare metal hosts, VMs, and containers.
If you have some/most of the key skills below, we have an exciting engineering position for you at all levels:
It's easy, and free! Add jobs from any website! Get recommendations from your friends! Start by adding this job...