Senior Manager, Application Vulnerability Management Engineering

| San Francisco, CA
Sorry, this job was removed at 7:37 a.m. (CST) on Saturday, December 11, 2021
Find out who's hiring in San Francisco, CA.
See all Cybersecurity + IT jobs in San Francisco, CA
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category
Products and Technology

Job Details

The Threat and Vulnerability Management (TVM) program focuses on addressing vulnerabilities in the entire development lifecycle, from design, coding, deployment and at runtime. The program develops and operates platforms for identifying, classifying, scanning, and reporting security vulnerabilities in all Salesforce assets across the company's cloud infrastructure and applications.

TVM is hiring a Sr.Manager of Software Development to lead the development and operations of its US cloud platforms for preventing, finding and remediating vulnerabilities in software artefacts during the software development lifecycles. You will be in charge with building highly-available and highly-scalable distributed systems operating as a cloud platform-as-a-service (PaaS) that is capable of performing software security testing using state-of-the art security tools, to assess the risk associated with the tested software, and to automate workflows for driving remediation of the findings. You will also support the entire product portfolio for application vulnerability management across commercial and Government clouds. The portfolio includes solutions for static code analysis, third-party vulnerability assessment and container security. You will manage developers within a scrum team, as a hands-on technical expert with leadership skillset and strong organizational capabilities. You will be responsible for hiring and retaining the best security talent around, growing your team and the people on it, and helping guide the technical direction.

Responsibilities

  • Develop short- and long-term program and product strategies in partnership with product management and other engineering teams
  • Drive design and implementation of innovative distributed software platforms for continuous assessment of security posture of the code and third-party packages used by Salesforce engineers
  • Lead development teams in a full-service ownership model following Agile methodologies
  • Manage devops activities for owned services in a 24/7 runtime environment, including driving investigations to determine root cause and implement solutions.
  • Collaborate with other engineering teams to solve security problems with minimal disruption to other business functions.
  • Hire, train and assess the performance of direct reports according to corporate policies and procedures.
  • Assist in the growth of employees through coaching, training and career development activities.
  • Interact with industry experts, vendors, partners, internal staff and auditors
  • Work effectively as part of a geographically distributed team

Required Skills/Experience

  • Industry experience . 7+ years of experience in software development, including:
    • 3+ years experience in SaaS, PaaS or IaaS software development
    • 3+ years experience in a high-availability 24/7 environment (cloud platforms are a plus)
  • Management experience . 3+ years of direct people management experience, with at least 10 direct reports.
  • Education . M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with equivalent years of experience
  • Platform development . Proven track of designing, coding and delivering large-scale PaaS or IaaS systems, especially on public cloud substrates (AWS/GCP)
  • Programming . Proficiency in object-oriented and multi-threaded programming to support code-reviews and guiding engineers in at least one of the following languages: Golang, Java, C++, Python
  • Security . Strong knowledge in security fundamentals: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI), vulnerability management
  • DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
  • Team . Ability to lead, motivate and grow teams of developers in a challenging, dynamic and global environment
  • Agile . Prior experience managing teams using agile methodologies (Scrum, Kanban)
  • Communication . Excellent oral and written communication skills in English

Desired Skills/Experience

  • Government space experience . Prior experience in implementing and running systems under FedRAMP/FISMA, DoD IL requirements
  • Distributed systems . Expertise in designing, implementing and operated distributed systems architectures and concepts, including several of the following:
    • High-performance, high-availability (99.999%) and self-recoverable systems
    • Control, orchestration and automation platforms leveraging containers or VMs
    • Storage solutions, in particular MySQL (e.g., Cassandra, MongoDB, Hadoop, Redis, Zookeeper)
    • Consensus and consistency frameworks (e.g., Paxos, Raft, eventual consistency)
    • Data-processing systems (e.g., Lambda architecture, Kafka, RabbitMQ, ELK)
    • RPC frameworks (e.g., Protobuf/gRPC, Thrift, Bond)
  • SAST/DAST . Hands-on experience using or managing Static/Dynamic Application Security Testing tools (e.g, CheckMarx, Veracode, HP Fortify, Coverity, IBM AppScan, Parasoft, Klocwork, CodeSonar, Burp)
  • Containers . Expertise in operating Kubernetes-based containerized environments, and having deep-knowledge in container security.
  • Malware. Expertise in building or operating software for identifying malware in commercial or infrastructure software.
  • Open-source Scanning. Experience scanning open source software (OSS) and understanding flaw reports using component integration tools (e.g., Sonatype's Nexus, Veracode, Black Duck, Snyk)
  • Operating systems . Development and software management on Linux systems (e.g., CentOS, RHEL)
  • Software design . Demonstrated expertise in applying systems patterns (e.g., Client-server, N-tier, Master/Slave, MVC) and API constructions (e.g., Swagger, OpenAPI)
  • Full-software ownership from idea to running in production: design, code, writing unittests, performing integration tests, deploying to production, supporting the system in the production environments

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form .

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org .

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

More Information on Salesforce
Salesforce operates in the Cloud industry. The company is located in San Francisco, CA, Atlanta, GA, Chicago, IL, Burlington, MA and Dallas, TX. It has 59679 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability insurance, Dental insurance, Vision insurance, Health insurance and Life insurance. To see all jobs at Salesforce, click here.
Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Similar Jobs

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about SalesforceFind similar jobs