HillsboroRecruiter Since 2001
the smart solution for Hillsboro jobs

Principal Enterprise Security Engineer- Risk Prevention and Reduction

Company: Salesforce.com, Inc.
Location: Hillsboro
Posted on: June 12, 2021

Job Description:

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Products and Technology

Job Details

Are you a security professional passionate about preventing and eliminating security risk? Do you have experience securing applications, infrastructure, and third party services?

This role will be about translating security risk (people, process, technical, and integration) into balanced

initiatives for a diverse workforce. You will develop pragmatic solutions for

security challenges across a broad range of enterprise applications, services, cloud, and infrastructure platforms and products. This is an opportunity to take on challenging initiatives to effectively enable enterprise security at scale.

In this role, you will partner closely with business and technology stakeholders to understand their

objectives, identify threats, and scale our enterprise security programs. You will

collaborate with our Business and IT organizations and champion security requirements in the selection,

development, and integration of a wide range of technologies. You will also have the opportunity

to identify emerging threats and design new processes that balance security and business

agility across Salesforce.

At Salesforce Trust is our #1 value. We are looking for a team player who can contribute and grow alongside an established and experienced team of technical security professionals. Are you interested in becoming part of an innovative, business centric security team that focuses on preventing and remediating risk?

Primary Responsibilities:

  • Provide security assurance for the architecture, design, configuration and implementation of enterprise applications, infrastructure, third party cloud services, and security controls.
  • Improve the corporate and IT secure software development lifecycle (SDLC), delivering security guidance to engineers in language they understand, mentoring security champions, and contributing to security training materials.
  • Perform threat modeling / data flow diagramming /risk analysis/ security assessments, providing guidance that balances security requirements with functional requirements.
  • Review internal use of Salesforce products/services, integrations, and add-ons/extensions. Providing guidance on vulnerability remediation steps, hardening improvements, and data access requirements.
  • Perform code reviews and black box penetration tests of applications/infrastructure/cloud services, providing guidance on remediation steps, feature enhancements, and security requirements.
  • Use your writing and presentation skills to communicate at all levels in the organization. Possess the ability to communicate concisely, clearly, and intelligently to partners from a variety of backgrounds, including those who are non-technical.

Minimum Qualifications:

  • 9+ years experience in a security engineering/security assurance role
  • In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
  • In-depth experience identifying risk and protecting infrastructure and cloud services
  • Strong knowledge of the MITRE ATT&CK framework, browser security model, applied cryptography, network security, enterprise software, and agile development practices.
  • Experience conducting design reviews, code reviews, and penetration tests
  • Experience creating threat models and data flow diagrams

Helpful Qualifications:

  • Past work experience with SDLC practices, DevOps, or security champion programs.
  • Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications
  • Highly motivated, driven to overcome obstacles and execute on provided objectives.
  • Industry certifications such as CISSP, OSCP, OSWE, GWAPT, GPEN or similar.

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work for six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win.

Join us!


If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org.

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Keywords: Salesforce.com, Inc., Hillsboro , Principal Enterprise Security Engineer- Risk Prevention and Reduction, Other , Hillsboro, Oregon

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category

Log In or Create An Account

Get the latest Oregon jobs by following @recnetOR on Twitter!

Hillsboro RSS job feeds