To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category
Products and Technology

Job Details

Salesforce is the world's #1 CRM business and Trust is our #1 value. We commit to Trust by upholding the highest engineering and security standards for the code running the Salesforce platform, including security analysis of code and packages.

The Security Engineering team is looking for an experienced software devops to build and manage the infrastructure of its cloud platforms-as-a-service (PaaSes) for performing automated code and package security analysis. These platform will integrate with state-of-the-art technologies for static/dynamic application analysis (SAST/DAST), as well as open source software scanners. You will build a critical piece of our release pipelines while also helping engineers identify security flaws in their code through a cloud PaaS. Your system will support both internal as well as external software packages that run in the Salesforce ecosystem, providing significant outreach and business impact. You will operate in a full service ownership model, combining development and devops infrastructure support for owned platforms.

This is a great opportunity for ambitious engineers who want technical growth in both distributed systems development and application security vulnerabilities, while operating on a large scale cloud platform.

Responsibilities

• Design, implement, automate, deploy, monitor the infrastructure and applications in public clouds (AWS/GCP/Azure) for static/dynamic application security analysis to Salesforce's public and private software components.
• Architect and implement software platforms integrated with open source software scanners (e.g., Sonatype's Nexus, Veracode), to provide automated validation and access to security flaw analysis
• Integrate these platforms with Salesforce's public and internal code management pipelines.
• Advance and operate these security scanning platforms in a full DevOps model
• Work with security engineers to build software systems for risk assessment, threat modeling and fixing vulnerabilities based on security scanners results
• Operate in an Agile development environment, including participating in daily scrums
• Support the team's engineering excellence by performing code reviews and mentoring junior team members

Required Skills/Experience

• Government space eligibility. Eligibility to operate under FedRAMP/FISMA, DoD IL requirements. Existing certification to operate in these environments is not a requirement.
• Industry experience. 5+ years, including:

• 3+ years experience in SaaS, PaaS or IaaS devops support
• 3+ years experience in a high-availability 24/7 environment (cloud platforms are a plus)

• Education. M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with equivalent years of experience
• DevOps experience:
  
  • Experience deploying and operating infrastructure at scale
  • Hands-on automation experience with AWS/GCP/Azure and other cloud providers.
  • Knowledge in at least one scripting/automation language
  • Experience with Infrastructure as Code/configuration management tools: E.g Terraform, CloudFormation, Puppet or similar cloud-based production workload management tools
  • Experience managing code through source control, CI/CD pipelines, Git/Github
  • DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
• Operating systems. Development and software management on Windows and Linux systems (e.g., CentOS, RHEL)
• Security. Strong knowledge in security fundamentals: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI), code signing
• Communication. Excellent oral and written communication skills
• Team. Ability to value team success beyond personal contributions

Desired Skills/Experience

• Programming proficiency in at least one of the object-oriented languages: Golang, Java, C++, Python
• Hands-on experience using or managing SAST/DAST tools (e.g, CheckMarx, Veracode, HP Fortify, Coverity, IBM AppScan, Parasoft, Klocwork, CodeSonar, Burp)
• Experience scanning open source software (OSS) and understanding flaw reports using component integration tools (e.g., Sonatype's Nexus, Veracode, Black Duck)
• Experience using or operating continuous integration, continuous delivery and deployment automation (e.g., Jenkins, CloudBees, Bamboo, TeamCity)
• Hands-on experience with container technologies (e.g., Docker, Kubernetes)
• Hands-on experience with managing MySQL implementations
• Proven track of building large-scale PaaS or IaaS systems, especially for public cloud providers (e.g., AWS, Azure, GCP)

This candidate must be a U.S. citizen (U.S. born or naturalized) who does not hold dual citizenship and agrees to complete a U.S. federal government Minimum Background Investigation (MBI) for a Moderate Public Trust position.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.