Massachusetts Information Technology Jobs

Search for Jobs in Information Technology
MassHire JobQuest Logo

Job Information

Salesforce.com, Inc Sr. Enterprise Application Security Engineer, Enterprise Client and Mobile Apps in Boston, Massachusetts

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Products and Technology

Job Details

Are you a security professional passionate about translating technical risks into balanced

guidance for a diverse workforce? Are you inspired by innovating pragmatic solutions for

security challenges across a broad range of enterprise application platforms and products? Do you get excited about

enabling an effective security program at scale?

Enterprise Security is seeking an Application Security Engineer to improve the security of an

extensive suite of enterprise and mobile applications that serve our rapidly expanding workforce. In this

role, you will partner closely with technology and business stakeholders to understand their

objectives, identify threats, and scale our enterprise security programs. You will

collaborate with our IT organization and champion security requirements in the selection,

development, and integration of a wide range of technologies. You will also have the opportunity

to identify emerging threats and design new processes that balance security and business

agility across Salesforce.

At Salesforce Trust is our #1 value. We are looking for a team player who can contribute and grow alongside an established and experienced team of technical security professionals. Are you interested in becoming part of an innovative, business centric security team that focuses on preventing and remediating risk to the organization?

Primary Responsibilities:

  • Perform threat modeling / data flow diagramming / design risk analysis/ security assessments in partnership with business partners, providing guidance that balances security requirements with functional requirements.

  • Review internal applications and integrations, providing guidance on vulnerability remediation steps, hardening improvements, and data access requirements.

  • Improve the corporate and IT secure software development lifecycle (SDLC), delivering security guidance to engineers in language they understand, mentoring security champions, and contributing to security training materials.

  • Perform code reviews and black box penetration tests of enterprise and mobile applications, providing guidance on remediation steps, feature enhancements, and security requirements.

  • Use your writing and presentation skills to communicate at all levels in the organization. Possess the ability to communicate concisely, clearly, and intelligently to partners from a variety of backgrounds, including those who are non-technical.

Minimum Qualifications:

  • 3+ years experience in an application security engineer/security assurance role

  • In-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.

  • Relevant development experience in one or more of these languages: Java, JavaScript /NodeJS, Ruby, .NET, C / Objective C, PHP, Python.

  • Knowledge of attack frameworks, browser security model, applied cryptography, enterprise software, and agile development practices.

  • Experience conducting design reviews, code reviews, and penetration tests of enterprise and mobile applications

  • Experience creating threat models and data flow diagrams

Helpful Qualifications:

  • Knowledge of development practices on the Salesforce platform, Heroku, Slack, Mulesoft, and/or Tableau.

  • Past work experience with SDLC practices, DevOps, or security champion programs.

  • Familiarity with static analysis and code quality tools like Semgrep, SourceGraph, PMD, CodeQL

  • Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications

  • Highly motivated, driven to overcome obstacles and execute on provided objectives.

  • Industry certifications such as OSCP, OSWE, GWAPT, GPEN or similar.

For Colorado-based roles: Minimum annual salary of $111,000. You may also be offered a bonus, restricted stock units, and benefits. More details about our company benefits can be found at the following link: https://www.getsalesforcebenefits.com/

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form. (http://cloud.mail.salesforce.com/accommodations-request-form)

Posting Statement

At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org.

Salesforce welcomes all.

Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Founded in 1999, Salesforce is the global leader in Customer Relationship Management (CRM). Companies of every size and industry are using Salesforce to transform their businesses, across sales, service, marketing, commerce, and more by connecting with customers in a whole new way. We harness technologies that can revolutionize companies, careers, and, hopefully, our world.

Salesforce is built on a set of four core values: Trust, Customer Success, Innovation, and Equality. By making technology more accessible, we're helping create a future with greater opportunity and equality for all. This has taken our company to great heights, including being ranked by Fortune as one of the “Most Admired Companies in the World” and one of the “100 Best Companies to Work For” eleven years in a row, and named “Innovator of the Decade” and one of the “World’s Most Innovative Companies” eight years in a row by Forbes.

There are those who choose to work with the best and brightest. And then, there are those who want to do more than just a job. They are the ones improving lives, not only their careers. Having an impact now instead of later. Doing something that’s so much bigger than themselves, an industry, and their company.

We believe everyone can be a Trailblazer. Join Salesforce and discover a future of new opportunities.

DirectEmployers