Partner with product, and engineering teams to integrate security controls into distributed systems — including Micro-service architecture, cloud services, container platforms, and APIs.

Support penetration tests, red team findings, and bug bounty remediation Surface security considerations for new domains such as AI/ML features, model pipelines, and agent frameworks.

Required

The ability to think like an attacker, develop threat models and help teams reason through different approaches to reducing security risk

Experience securing large-scale, distributed, cloud-native systems

Experience in application/product/security engineering or a related technical security role

Experience securing multi cloud platforms (AWS, GCP, Azure), multi-tenant SaaS, containerization and orchestration technologies such as Docker or Kubernetes

Hands-on experience with secure development tools (SAST/DAST/IaC scanning), secure code review, and penetration testing

Familiarity with at least one programming language (e.g., Java, Python, Go, JavaScript)

Excellent communication skills — able to translate security risks to technical and non-technical stakeholders.

Preferred / Nice to have

Familiarity with AI/ML security risks (prompt abuse, model poisoning, RAG data leakage).

Experience with or leading bug bounty, red team, or penetration testing programs.

Contributions to open-source security projects or tools.

For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

See more open positions at Own Company

Privacy policy Cookie policy