Distributed Systems Software Engineer - Security - Senior/Lead/Principal
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category Products and Technology
Our Security Software Engineering team builds and operates highly scalable, fault-tolerant, distributed systems to deliver cloud-scale security software services. We provide the fundamental building blocks to improve and preserve customer trust in Salesforce's products across multiple public cloud substrates and our own network infrastructure. We architect and implement our services, to protect Salesforce products/infrastructure and defend against malicious attacks. . You will have the unique opportunity to learn from the best industry security experts and integrate that into your software and service engineering.
Built-in Trust. Hyperforce’s security architecture continuously verifies and limits users to appropriate levels of access to customer data (this is what our IAM team does), protecting exposure of sensitive information due to human error or misconfiguration (this is Data Protection, i.e. PKI, Secrets management, etc.). Encryption, at rest and in transit, comes standard, ensuring the privacy and the security of data from Salesforce and public cloud providers (SDS creates these capabilities in a PaaS model, so other Salesforce teams can call these services and make sure their environments adhere to these security requirements).
- Experience building large scale distributed systems, especially in cloud environments
- Deep understanding of object oriented programming and experience with at least one object oriented programming language (Java, Go,Python C++, C#)
- Experience with public cloud services (AWS or Google Cloud Platform or Azure)
- Experience with Scrum or other agile development methodologies, with attention to code quality, delivering secure code
- Experience working in a complex team environment. Able to deliver under pressure.
- Good knowledge with operating systems (Linux, Mac and Windows)
- Prior security knowledge is not required.
- Knowledge working with relational database MySQL, Postgres
- Familiar with open source technologies, such as ZooKeeper, MongoDB
- Experience with big data and pipeline technologies, such as Hadoop, Kafka
- Knowledge or experience with machine learning
- Experience building services with Docker and Kubernetes
- Good knowledge with network technologies, such as TCP/IP, DNS or load balancer
Some key investments in our space include:
Data Security: Develop and deliver our reliable and scalable foundational services. These key building blocks - like key and secret management systems, PKI (public key infrastructure), service-to-service authn/authz and data encryption - enable the security of all other services and permit the protection of our customer data.
Identity and Access : Design and implement consistent and scalable identity and access services for all of Salesforce, integrating our IT network, public cloud infrastructure and our own data centers, and empowering all our engineers to operate these environments in secure manner.
Threat Detection and Response Engineering :- Develop highly scalable, automatic and flexible defense system integrating extensive data collection, big data processing, machine learning detection, automatic response, and automatic mitigation across all our data centers, IT infrastructure and public cloud environments.
Trust is Salesforce’s number one value. And we invest heavily in the security space to create the most secure enterprise cloud platform. Threat Detection & Response is one of the most critical components of our security defense system. It involves complex subsystems including massive data collection, detection through complex rules and machine learning, highly scalable response automation, deep investigation capability and mitigation solutions. All these solutions are built in our cloud environment with large scale distributed system. The architects and engineers in the D&R Engineering organization will partner with other security teams to design, implement and run these complex services. You are expected to bring in deep architecture and design knowledge, excellent engineering practice, as well as capability to provide high quality hands-on implementation.
Threat and Vulnerability Management Engineering: The TVM team provides a comprehensive vulnerability management program with an objective to eliminate risk introduced by deficient or misconfigured software and hardware. The TVM program ensures systems are secure from cybersecurity vulnerabilities in all phases of maturity: design (architecture), development and deployment (runtime). The program looks at people, processes and technologies from a vulnerability management lens. We develop and/or implement infrastructure for reducing organizational risk, hardening endpoint surface area, and increasing service and process resilience. Our scope spans all business units within the company, and contributes to the CISO’s security goals and reports.
The Network Security Engineering team is building a new internal cloud platform for various network security controls and management. Our mission is to develop highly-available and performant distributed systems to provide security at the network level in our private and public clouds, including micro-segmentation, network policy distribution, access control at host/device level, distributed firewall and DDoS prevention. Our scope is a wide range of compute substrates, including bare metal hosts, VMs, and containers.
Benefits & perks:
We have a public-facing website https://www.getsalesforcebenefits.com/en that explains our various benefits, including wellbeing reimbursement, generous parental leave, adoption assistance, fertility benefits, and more. Visit for the full breakdown!
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org.
Salesforce welcomes all.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.
Back to top