Senior/Lead/Principal Offensive Security

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category
Product

Job Details

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a buzzword - it's a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all.

Ready to level-up your career at the company leading workforce transformation in the agentic era? You're in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

About This Role

We're building something special in our Israel-based Offensive Security organization, and we're hiring multiple people across three key areas:

• Penetration Testing
• Red Team Product
• Security Research

While these roles share a common foundation in offensive security tradecraft, each brings its own unique focus and impact.

We're looking for deep expertise in at least one of these areas, with the ability to grow across others. We have multiple openings and are looking for talent at various levels. As we get to know you through the interview process, we'll work together to identify the best fit matching your expertise and interests with the specific role and level (Senior, Lead, or Principal) that makes the most sense for both you and the team.

Role Overview

We are seeking a highly skilled offensive security professional to join our elite team. This role is ideal for someone who thrives on breaking systems, finding creative attack paths, and using their findings to drive meaningful security improvements across Salesforce's products and infrastructure.

You will work alongside some of the best minds in security, operating with significant autonomy and impact. Whether you specialize in deep application level penetration testing, red teaming, security research or vulnerability discovery, we want to hear from you-you don't need to be an expert in all three domains. What unites these roles is a relentless attacker mindset, a drive to find and demonstrate real-world impact, and the ability to translate offensive findings into lasting security improvements.

Responsibilities

• Conduct advanced penetration testing, red team operations, or security research targeting Salesforce's cloud infrastructure, applications, and services
• Discover, exploit, and document security vulnerabilities using creative and methodical approaches
• Develop custom tools, exploits, and attack techniques to simulate real-world adversaries
• Collaborate with product teams to remediate vulnerabilities and improve secure design practices
• Contribute to the maturity of our offensive security program through automation, tooling, and process improvements
• Mentor and share knowledge with team members, fostering a culture of continuous learning
• Present findings and security insights to technical and executive audiences
• Stay ahead of emerging threats, attack techniques, and offensive security tradecraft

Required Qualifications

• 5+ years of hands-on experience in offensive security (Senior), 7+ years (Lead), or 10+ years (Principal).
• Deep, demonstrable expertise in at least one of the following domains: penetration testing, red teaming, application security research, or vulnerability discovery, with strong foundational knowledge and willingness to learn across other offensive security disciplines.
• Proven ability to identify and exploit complex vulnerabilities in web applications, APIs, cloud environments, or infrastructure.
• Strong programming/scripting skills (e.g., Python, Go, Bash, PowerShell) for tooling and automation.
• Deep understanding of attack frameworks (MITRE ATT&CK), common vulnerability classes (OWASP, CWE), and exploitation techniques.
• Excellent written and verbal communication skills, with the ability to clearly document technical findings.
• Self-motivated, intellectually curious, and comfortable working independently or as part of a team.

Preferred Qualifications

• Experience in cloud security (AWS, GCP, Azure) and containerized environments (Kubernetes, Docker).
• Background in offensive security research, including CVE discoveries or contributions to security tools.
• Familiarity with CI/CD pipeline security, supply chain attacks, or infrastructure-as-code security.
• Experience with social engineering, physical security testing, or adversary simulation.
• Active participation in the security community (bug bounties, CTFs, conferences, open-source contributions).
• Relevant certifications (OSCP, OSCE, OSWE, GXPN, or equivalent).

Benefits & Perks:

Check out our benefits site which explains our various benefits, including wellbeing reimbursement, generous parental leave, adoption assistance, fertility benefits, and more.

Open to Flex (1-3 days/week in the office), or Office-Based (4-5 days/week in the office)

IN SCHOOL OR GRADUATED WITHIN THE LAST 12 MONTHS? PLEASE VISIT FUTURE FORCE FOR OPPORTUNITIES

Unleash Your Potential

When you join Salesforce, you'll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best, and our AI agents accelerate your impact so you can do your best. Together, we'll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future - but to redefine what's possible - for yourself, for AI, and the world.

Accommodations

If you need a reasonable accommodation during the application or the recruiting process, please submit a request via this Accommodations Request Form.

Please note that Salesforce uses artificial intelligence (AI) tools to help our recruiters assess and evaluate candidates' resumes and qualifications throughout the recruiting process. Humans will always make any candidate selection and hiring decisions. Please see our Candidate Privacy Statement for more information about how we use your personal data and your rights, including with regard to use of AI tools and opt out options.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that's inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

Client-provided location(s): Tel Aviv, Israel

Job ID: Salesforce-JR327567

Employment Type: FULL_TIME

Posted: 2026-01-30T19:50:04