Description
ABOUT THE TEAM
DevSecOps team is pioneering the future of security operations at Salesforce by building autonomous AI agents that transform how we protect, detect, and respond to threats. We're establishing a trusted, supervised Agentic Security Operations Model where autonomous agents execute high-volume operational tasks, enabling human analysts to focus on complex strategic problems.
As part of this team, you'll work at the intersection of cutting-edge AI technology, enterprise security, and platform engineering—building production system integrations and agents that directly impact how Salesforce defends against threats at scale.
THE ROLE:
We're seeking an experienced Security Engineer to join our DevSecOps team as a technical lead responsible for designing, building, and operationalizing complex multi-agent security solutions that help us respond to incidents and govern how we adhere to security controls. In this role, you'll drive the full lifecycle of agentic capabilities—from architecture and development through deployment and operational excellence—while ensuring data integrity, security governance, and reliability at scale.
This is a hands-on technical leadership role where you will deploy sophisticated agentic solutions, write production code, and establish the standards that enable autonomous security operations. You'll be the technical conscience for the team, unblocking complex challenges and ensuring our agents meet the highest standards for security, reliability, and business impact.
WHAT YOU'LL DO:
Technical Leadership & Architecture
Technical Vision & Conscience: Lead the design and hands-on development of the most complex, bespoke agentic architectures and multi-agent solutions for CSOC operations
Proactive Problem Solving: Identify and resolve critical technical blockers related to data pipelines, integration patterns, and platform customization before they impact delivery
End-to-End Architecture: Define comprehensive architecture spanning agent design, data flows, integration patterns, and operational frameworks;
Quality Guardrails: Review and approve technical designs from team members; ensure all agents meet security, governance, and reliability expectations before production deployment
Build & Integrate: Agentic Development
Hands-On Development: Perform full-stack development and hardening of custom AI agents using Python, Apex, JavaScript, and agentic frameworks (AgentForce, MCP, RAG architectures)
Evaluation Frameworks: Define rigorous automated evaluation and testing frameworks to measure agent accuracy, reliability, and business impact
Full Stack Execution: Own complete agent lifecycle from problem statement understanding through design, MVP development, production deployment, and iterative improvement
Integration Excellence: Build and maintain integrations with SOAR and SIEM platforms (Google SecOps, Azure Sentinel, Crowdstrike), and security tools across the CSOC ecosystem
Operational Excellence & Platform Management
Agentic Vendor Tools: Maintain operational excellence for SOAR/SIEM platforms , ensuring scalability, performance, and reliability
Data Integration Pipelines: Monitor and optimize security log data pipelines supporting agent consumption; troubleshoot ingestion delays and outages
Agent Health Monitoring: Implement observability frameworks to monitor agent performance, quality, accuracy, and operational health; respond to degradation and outages
Performance Optimization: Continuously tune agent performance, LLM cost efficiency, and system scalability based on operational metrics
Data Integrity, Governance & Compliance
Data Quality Ownership: Own the quality, completeness, normalization, and retention of all security log data feeding agentic systems
Data Readiness for AI: Ensure security data is properly structured, enriched, and accessible for RAG consumption and agent reasoning
SOC Tool Governance: Monitor and optimize operational health, availability, and efficacy of the security control plane across Salesforce.
Compliance & Audit: Maintain 100% traceability ensure DevSecOps compliance with legal, privacy, and security governance requirements
Testing, Validation, Audit & Feedback
Requirements Gathering: Collaborate with partner teams (CSIRT, Threat Intel, Detection & Response) to gather requirements and validate agent outputs meet operational needs
Feedback Loops: Establish continuous feedback mechanisms to review agent performance, identify improvement opportunities, and iterate on designs
User Acceptance Testing: Coordinate UAT with security analysts; ensure agents deliver measurable value and positive user experience
Audit & Documentation: Maintain comprehensive documentation of agent architectures, design decisions, test results, and operational runbooks
REQUIRED Skills:
Leadership & Communication
Technical Leadership: Proven ability to lead complex technical initiatives; experience mentoring engineers and setting technical direction
Cross-Functional Collaboration: Strong partnership skills working with security analysts, platform engineers, and product teams
Problem Solving: Demonstrated ability to diagnose and resolve complex technical issues under pressure
Communication: Excellent written and verbal communication; ability to explain complex technical concepts to non-technical stakeholders
Experience & Skills:
8+ years of experience in Cybersecurity Engineering, or Platform Engineering roles
Experience managing critical production security systems at enterprise scale
Track record of delivering high-impact technical projects from concept to production in global highly regulated organizations
Salesforce platform experience (Apex, SOQL, Lightning, Security Center, Data Cloud, Shield)
Agentforce Innovator certification or equivalent Salesforce AI credentials
Security certifications CISSP and/or GIAC
For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.