Salesforce, Inc.
This crucial role will drive a unified and cohesive AI security strategy throughout the entire Salesforce ecosystem, transcending traditional product and "cloud" boundaries. Recognizing that agentic AI necessitates a fundamental shift from siloed approaches, the AI Security Architect will foster a consistent and integrated security posture across all Salesforce products, ensuring a shared commitment to customer trust by influencing platform design with critical security context.
* Advise on Secure AI Platform Design & Guidance* Define Unified AI Security Standards & Best Practices* Work with BISOs to Drive Secure-by-Default and Trust Principles Across Clouds* Provide Deep Technical Input into Technology Security Evaluation & Risk Assessment* Ensure Cross-Alignment with Ethical AI, Legal, and Compliance* Manage Cutting-Edge Technology Security* A related technical degree required.* First-hand work with Machine Learning, Deep-Learning, or Artificial Intelligence.* Familiarity with current attacks on ML models, including adversarial examples, training data extraction, model extraction, and data poisoning.* Proven experience in developing new attacks and defenses for ML/AI enabled applications.* Proven communication, collaboration, and interpersonal skills with the ability to effectively communicate complex technical concepts to diverse audiences, including technical and non-technical teams.* An attacker’s mindset; consider abuse and attack paths as well as the defensive mindset to recommendations to prevent them* A passion around improving the security development lifecycle and delivering security guidance to engineers in a language they understand.* Ability to work with data, identify trends and propose comprehensive mitigations that eradicate systemic security concerns.* Experience participating in an information security program and improving or proposing improvements to a secure development lifecycle* Threat modeling of security topics across infrastructure security & application security domains Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements* Excellent writing and presentation skills.* Possess the ability to communicate concisely, clearly, and intelligently to cross functional teams.* Proven ability to drive enterprise-ready features to release prioritizing Security and Availability without sacrificing usability* Strong technical aptitude; comfortable engaging with engineering on architecture, APIs, and platform implications* Experience working with InfoSec, Legal, and IT stakeholders at Fortune 500 companies* Demonstrated expertise in navigating security incident response efforts, including direct engagement with executive leadership, legal counsel, and external parties to resolve complex security issues.* Strategic thinker with an understanding of the evolving global threat landscape and its implications for millions of users.* Experience with client side/browser security features like same origin policy, CORS, CSP, shadow DOM, Web Components, web development frameworks etc.* Experience with software development in one or more languages such as: JavaScript, Java, Python, Ruby, PHP, Go, TypeScriptSome experience performing penetration testing or familiarity with the process* 5+ years proven experience in the following areas in a security engineering or research role:Securing products and infrastructure from the OWASP Top 10 and/or CWE Top 25* Exploiting web and web services security vulnerabilities such as cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, etc.Public Cloud security architecture in one or more of the following: Amazon Web Services, Google Cloud Platform, Microsoft Azure, Alibaba Cloud, etc.When you join Salesforce, you’ll be limitless in all areas of your life. Our benefits and resources support you to find balance and *be your best*, and our AI agents accelerate your impact so you can *do your best*. Together, we’ll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future — but to redefine what’s possible — for yourself, for AI, and the world.Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education. #J-18808-Ljbffr
* Advise on Secure AI Platform Design & Guidance* Define Unified AI Security Standards & Best Practices* Work with BISOs to Drive Secure-by-Default and Trust Principles Across Clouds* Provide Deep Technical Input into Technology Security Evaluation & Risk Assessment* Ensure Cross-Alignment with Ethical AI, Legal, and Compliance* Manage Cutting-Edge Technology Security* A related technical degree required.* First-hand work with Machine Learning, Deep-Learning, or Artificial Intelligence.* Familiarity with current attacks on ML models, including adversarial examples, training data extraction, model extraction, and data poisoning.* Proven experience in developing new attacks and defenses for ML/AI enabled applications.* Proven communication, collaboration, and interpersonal skills with the ability to effectively communicate complex technical concepts to diverse audiences, including technical and non-technical teams.* An attacker’s mindset; consider abuse and attack paths as well as the defensive mindset to recommendations to prevent them* A passion around improving the security development lifecycle and delivering security guidance to engineers in a language they understand.* Ability to work with data, identify trends and propose comprehensive mitigations that eradicate systemic security concerns.* Experience participating in an information security program and improving or proposing improvements to a secure development lifecycle* Threat modeling of security topics across infrastructure security & application security domains Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements* Excellent writing and presentation skills.* Possess the ability to communicate concisely, clearly, and intelligently to cross functional teams.* Proven ability to drive enterprise-ready features to release prioritizing Security and Availability without sacrificing usability* Strong technical aptitude; comfortable engaging with engineering on architecture, APIs, and platform implications* Experience working with InfoSec, Legal, and IT stakeholders at Fortune 500 companies* Demonstrated expertise in navigating security incident response efforts, including direct engagement with executive leadership, legal counsel, and external parties to resolve complex security issues.* Strategic thinker with an understanding of the evolving global threat landscape and its implications for millions of users.* Experience with client side/browser security features like same origin policy, CORS, CSP, shadow DOM, Web Components, web development frameworks etc.* Experience with software development in one or more languages such as: JavaScript, Java, Python, Ruby, PHP, Go, TypeScriptSome experience performing penetration testing or familiarity with the process* 5+ years proven experience in the following areas in a security engineering or research role:Securing products and infrastructure from the OWASP Top 10 and/or CWE Top 25* Exploiting web and web services security vulnerabilities such as cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, etc.Public Cloud security architecture in one or more of the following: Amazon Web Services, Google Cloud Platform, Microsoft Azure, Alibaba Cloud, etc.When you join Salesforce, you’ll be limitless in all areas of your life. Our benefits and resources support you to find balance and *be your best*, and our AI agents accelerate your impact so you can *do your best*. Together, we’ll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future — but to redefine what’s possible — for yourself, for AI, and the world.Any employee or potential employee will be assessed on the basis of merit, competence and qualifications – without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education. #J-18808-Ljbffr