To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category
Products and Technology

Job Details

Security Data Principal/Architect

Location: San Francisco, Bellevue, Atlanta, Herndon, Burlington

The Threat and Vulnerability Management, Analytics and Reporting team is looking for a principle data architect to help build tools to implement security controls for identifying, classifying, scanning, and reporting security vulnerabilities or misconfigurations across Salesforce's infrastructures.

The Analytics and Reporting team supports the overall TVM objective to provide a process and platform to comprehensively and timely detect security misconfigurations detection and reporting across all Salesforce assets in 1st party environments and all public cloud substrate to minimize security risk to Salesforce and its customers.
Our security team is looking for an experienced principle data architect to design and implement a data architecture for extracting vulnerability information from our assets fleet. Our data processing layer required to be highly scalable and available, capable of collecting information from millions of hardware and software assets, and provide our security teams with the ability to query and act on compliance-related events. You will build state-of-the-art platforms for deploying and managing large scale scanning platforms, covering a diverse collection of assets (e.g., servers, VMs, containers, network, and mobile devices) and public cloud substrates (Azure, AWS, GCP, etc). You will design and implement systems for continuously monitoring and reporting violations of infrastructure misconfiguration across on-prem and public cloud platforms.
This is a great opportunity for high level engineers who want to build and own distributed systems development, big data collection, and processing, as well as security. Your talent will find significant outreach and business impact, contributing to the CISO's security goals and reports.

Here's what you'll do

• Learn and adapt to Salesforce security strategies, security goals, security objectives, and security capabilities to improve security posture

• Architect and implement vuln detection and inventory platforms for continuous assessment of threat and vulnerabilities, risk and policy compliance across Salesforce software and hardware assets

• Build platforms for extracting asset metadata across classes of assets (mobile, laptops, compute servers) and cloud multi-substrates (on-prem, AWS, GCP, Azure, etc)
• Build monitoring and engagement services to allow security engineers to act on the collected vulnerabilities and compliance data and take remediation actions
• Advance and operate these security assessment platforms in a full DevOps model
• Operate in an Agile development environment, including participating in daily scrums
• Support the team's engineering excellence by performing code reviews and mentoring junior team members
• Work cross-functionally with product management and distributed systems engineering teams to complete large scale projects with impact across the company
• Motivate and champion a strong team culture
• Adapt to change quickly and eagerly: changing requirements, changing priorities, changing strategies
• Advocate security and secure practices throughout Salesforce

Here's what you'll need

• Industry experience 9+ years for LMTS, 12+ years for PMTS, including:
• Working experience in SaaS, PaaS, or IaaS software development
• Working experience in a cloud platform
• Education. M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with equivalent years of experience
• Distributed systems and data engineering. Expertise in designing, implementing, and operating high-scale distributed systems architectures and concepts, including the following:
• High-performance, high-availability (99.999%), and self-recoverable systems
• Large scale infrastructure systems
• Docker-based development, especially experience using EKS
• Configuration management systems, including Infrastructure-as-Code (IAC), Terraform, Puppet
• Programming. Proficiency in object-oriented and multi-threaded programming in at least one of the following languages: Python, Golang, Java
• Software design. Demonstrated expertise in applying systems patterns (e.g., Client-server, N-tier, Primary/secondary, MVC) and API constructions (e.g., Swagger, OpenAPI)
• Operating systems. Development and software management on Linux (e.g., CentOS, RHEL) and Windows
• Security. Strong fundamentals knowledge in security concepts: authentication/authorization frameworks (e.g., SSO, SAML, OAuth, etc), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI)
• Communication. Excellent oral and written communication skills
• Team. Ability to value team success beyond personal contributions
• Vision Execution. Ability to translate strategic or operational goals to technical and tactical requirements and architectures

Desired Skills/Experience

• Experienced in developing and owning comprehensive data architecture

• Platform development. Proven track of designing and coding large-scale PaaS or IaaS systems
• Public cloud experience, including a history of building platforms in AWS, GCP, or Azure
• Vuln scanning. Knowledge of vulnerability management solutions, prior experience in vulnerability management and its related processes and procedures, multiple vulnerability scan tools for both Cloud and On-Prem scenarios (Qualys, Nessus, Rapid7, Cloudaware, Redlock, Whitehat, Burp Suite, Netsparker, etc)
• Security-based credentials highly desired (SSCP, GIAC GCUX, GSEC, GCED, GCIH, GCIA, etc)
• Understanding of security compliance standards and regulations (e.g., ISO 27001, PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR), a plus

*LI-Y

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org .

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.