Salesforce.com, Inc Red Team Penetration Tester and Security Assessment Engineer in San Francisco, California

Job CategoryProducts and Technology

Job DetailsAs a penetration tester at Salesforce.com and member of our red team you will uncover vulnerabilities in our infrastructure, software and processes and help facilitate removal. You will perform penetration tests, information security assessments, and application security assessments on a wide variety of infrastructure and software within our environment. You will work with talented technical experts from various Salesforce.com teams on a regular basis. Top contributors will enjoy the freedom to work with limited barriers and the experience of working with other talented and passionate information security professionals.

Location: San Francisco, CA + Bellevue, WA Leveling: We are looking for best the offensive security engineers in the world. If you fit that profile, we will work with you to ensure that your job title/level is aligned to your skill sets and that you are compensated at that level as well.

Responsibilities:

  • Perform penetration tests and vulnerability assessments on targets across "all" of our business units and locations.
  • Facilitate removal or remediation of vulnerabilities in collaboration with our broader engineering and operations teams.
  • Contribute to our penetration testing program and toolkit.
  • Research new threats, attack vectors and risks.
  • Collaborate with your colleagues...many of the best in the world.

Minimum Qualifications:

  • BS/MS degree, or relevant work experience
  • Infrastructure and application level penetration testing experience
  • Expert knowledge in computer and network security
  • Extensive knowledge of the OWASP Top 10 and CWE Top 25
  • Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.
  • Strong coding skills; Software development, Java, PHP, Perl, Python, Ruby, etc….
  • BS Computer Science or equivalent knowledge and experience
  • Offensive attack hacker mindset
  • Experience with the latest and greatest penetration testing tools

Desired Skills and Credentials:

  • Assembly/exploit developpment experience
  • Bug bounty awards
  • Experience in software development, Java, PHP, Perl, Python, Ruby, etc….
  • Information security certifications, GPEN, OSCP, OSCE, OSWE, CEH, CISSP
  • Ability to self motivate when given strategic goals.

*LI-Y

Posting Statement

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. We are the fastest growing of the top 10 enterprise software companies, the World's Most Innovative Company according to Forbes, and one of Fortune's 100 Best Companies to Work For six years running. The growth, innovation, and Aloha spirit of Salesforce are driven by our incredible employees who thrive on delivering success for our customers while also finding time to give back through our 1/1/1 model, which leverages 1% of our time, equity, and product to improve communities around the world. Salesforce is a team sport, and we play to win. Join us!