Salesforce, Inc..
Marketing Security Lead Engineer
Salesforce, Inc.., San Francisco, California, United States, 94199
Overview
If you think you are the right match for the following opportunity, apply after reading the complete description. Job Title: Marketing Security Lead Engineer
Are you a security professional passionate about translating technical controls into balanced guidance for a diverse workforce of humans and AI? Are you inspired by innovating pragmatic solutions for security challenges across a broad range of Marketing infrastructure, platforms and products? Do you get excited about enabling effective security controls at scale?
Marketing Security strengthens our Marketing environment that generates a revenue pipeline for Salesforce. In this role, you will use your engineering experience to partner closely with marketing architects, engineers, product managers to understand their objectives, identify threats, and scale our Marketing security programs. You will collaborate with our IT and Enterprise Security organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will leverage your security engineering skills to identify emerging threats and design new processes that balance security and business agility across the Chief Marketing Office.
At Salesforce Trust is our #1 value. We are looking for a team player who can contribute and grow alongside an established and experienced team of technical security professionals. Are you interested in becoming part of an innovative, business-centric security team that focuses on preventing and remediating risk to the Marketing organization?
Responsibilities
Threat model common attacker methods to develop appropriate mitigation techniques.
Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle.
Research new technologies, emerging threats, and vulnerabilities.
Security Advisory: Experience designing, implementing, or testing internal security controls in response to identified risks and how these security design decisions impact engineers, product owners, and audit functions.
Operating system and hardware platforms (server and client endpoints, mobile and other embedded devices)
Network infrastructure (switches, routers, wireless access points, load balancers, firewalls, VPN, SDN, cloud)
Authentication and authorization services (SAML, OAuth, Radius, Kerberos)
Public cloud infrastructure platforms and technologies (AWS, GCP, Azure, Terraform)
Securing Web Applications, SaaS pentesting
Code Reviews and SDLC
Security Architecture Design Reviews
Minimum Qualifications
Bachelor's Degree in Computer Science, Engineering, or related technical field, or equivalent experience in technical leadership
8+ years experience in one of the following security roles: security operations, security engineering, incident response, penetration testing, intrusion detection, network security, application security, identity management, cryptography, or endpoint security controls.
Understanding major Security domains:
Common network security models and protocols.
Methods of determining integrity and providing confidentiality.
Operating systems internals and vulnerabilities.
Exploit mitigation techniques.
Application security.
Excellent communication skills with experience providing advice to internal customers on risk assessment, threat modeling, and remediation of vulnerabilities.
Ability to distill complex technical information verbally during situation reports and briefings.
Proven project management and organizational skills.
Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team.
Preferred Qualifications
Hands-on experience designing solutions or performing security testing of cloud environments (AWS, Azure, Google Cloud)
Strong working experience with common security assessment tools such as BurpSuite, Nexpose, Nessus, Metasploit, Nmap
Understanding relevant scripting languages: Bash, Powershell, Python, Java, JavaScript / NodeJS. Experience with DevOps, CI/CD pipelines, or secure development lifecycles.
At least one security related certification such as OSCP, GCIH, GCIA, GPEN, GWAPT, GMOB, GPPA, CCNP, CCNP Security, CCIE Security
Experience performing detailed network traffic analysis, architecture review, and engineering network security solutions
Experience writing security white papers and/or presenting at industry security conferences and events.
Strong understanding of encryption methods
#J-18808-Ljbffr
If you think you are the right match for the following opportunity, apply after reading the complete description. Job Title: Marketing Security Lead Engineer
Are you a security professional passionate about translating technical controls into balanced guidance for a diverse workforce of humans and AI? Are you inspired by innovating pragmatic solutions for security challenges across a broad range of Marketing infrastructure, platforms and products? Do you get excited about enabling effective security controls at scale?
Marketing Security strengthens our Marketing environment that generates a revenue pipeline for Salesforce. In this role, you will use your engineering experience to partner closely with marketing architects, engineers, product managers to understand their objectives, identify threats, and scale our Marketing security programs. You will collaborate with our IT and Enterprise Security organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will leverage your security engineering skills to identify emerging threats and design new processes that balance security and business agility across the Chief Marketing Office.
At Salesforce Trust is our #1 value. We are looking for a team player who can contribute and grow alongside an established and experienced team of technical security professionals. Are you interested in becoming part of an innovative, business-centric security team that focuses on preventing and remediating risk to the Marketing organization?
Responsibilities
Threat model common attacker methods to develop appropriate mitigation techniques.
Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle.
Research new technologies, emerging threats, and vulnerabilities.
Security Advisory: Experience designing, implementing, or testing internal security controls in response to identified risks and how these security design decisions impact engineers, product owners, and audit functions.
Operating system and hardware platforms (server and client endpoints, mobile and other embedded devices)
Network infrastructure (switches, routers, wireless access points, load balancers, firewalls, VPN, SDN, cloud)
Authentication and authorization services (SAML, OAuth, Radius, Kerberos)
Public cloud infrastructure platforms and technologies (AWS, GCP, Azure, Terraform)
Securing Web Applications, SaaS pentesting
Code Reviews and SDLC
Security Architecture Design Reviews
Minimum Qualifications
Bachelor's Degree in Computer Science, Engineering, or related technical field, or equivalent experience in technical leadership
8+ years experience in one of the following security roles: security operations, security engineering, incident response, penetration testing, intrusion detection, network security, application security, identity management, cryptography, or endpoint security controls.
Understanding major Security domains:
Common network security models and protocols.
Methods of determining integrity and providing confidentiality.
Operating systems internals and vulnerabilities.
Exploit mitigation techniques.
Application security.
Excellent communication skills with experience providing advice to internal customers on risk assessment, threat modeling, and remediation of vulnerabilities.
Ability to distill complex technical information verbally during situation reports and briefings.
Proven project management and organizational skills.
Excellent analytical skills, organizational skills, ingenuity, and the ability to work as part of a team.
Preferred Qualifications
Hands-on experience designing solutions or performing security testing of cloud environments (AWS, Azure, Google Cloud)
Strong working experience with common security assessment tools such as BurpSuite, Nexpose, Nessus, Metasploit, Nmap
Understanding relevant scripting languages: Bash, Powershell, Python, Java, JavaScript / NodeJS. Experience with DevOps, CI/CD pipelines, or secure development lifecycles.
At least one security related certification such as OSCP, GCIH, GCIA, GPEN, GWAPT, GMOB, GPPA, CCNP, CCNP Security, CCIE Security
Experience performing detailed network traffic analysis, architecture review, and engineering network security solutions
Experience writing security white papers and/or presenting at industry security conferences and events.
Strong understanding of encryption methods
#J-18808-Ljbffr