Description

Salesforce’s Security team is seeking Application Security Engineer to help secure the world’s #1 CRM. As a member of the NetSec DDoS team, you will be responsible for designing, building, and maintaining innovative security services and solutions that support the needs of our internal and external customers. You will be responsible and accountable for driving Application Security protection inside production Salesforce environments—both public cloud and first-party datacenters. This is a highly visible role that will work closely with partner teams to drive an integrated solution and respond to incidents.

RESPONSIBILITIES

• Design, architect, engineer, and operate cutting-edge DDoS solutions to provide protection across multiple substrates.

• Partner with other engineering teams and executives to develop short- and long-term security, product, and service strategies.

• Collaborate with other teams to solve security problems with minimal disruption to other business functions.

• Drive continuous improvement of policies, procedures, and technology.

• Interact with industry experts, partners, internal staff, and auditors.

• Work effectively as part of a geographically distributed team.

• Occasional travel is required (domestic and international).

REQUIREMENTS

• Industry experience: 5+ years experience in Software Engineering (Networking & Security)

  • 3+ years of experience in networking, security, or DDoS.

  • 3+ years of hands-on experience with one or more of Java, Python, Go, Bash, JSON, or Perl to enable software and network interaction.

  • 3+ years of experience in a high-availability 24/7 environment (cloud platforms are a plus).

• Familiarity with denial-of-service attacks, mitigation strategies, and industry best practices.

• Familiarity with OWASP Top 10 vulnerabilities, CWE, and related countermeasures.

• Experience with log analysis and monitoring systems such as Splunk, ELK, Grafana, etc.

• Hands-on experience designing and maintaining leading-edge distributed denial-of-service solutions for large-scale networks.

• Hands-on experience designing and maintaining public cloud environments, networking, and security controls.

• Networking (Security): Industry-level expertise in one or more of the following networking/security aspects:

  • Network security platforms, including segmentation, ACLs, and DDoS protection. Examples include:

    • Software: iptables, IPsec, VPN, IPS/IDS, firewall management platforms, ACL compilers, and tooling (Capirca).

  • VM and container network stacks.

  • Datacenter network architecture at the software platform and hardware device levels (NAT, VXLAN, overlay/underlay).

  • Network security architectures and implementations in public clouds (e.g., AWS, Azure, GCP).

• Must be proficient in network architecture and design, network security, and network monitoring.