Description
*IN SCHOOL OR GRADUATED WITHIN THE LAST 12 MONTHS? PLEASE VISIT FUTURE FORCE FOR OPPORTUNITIES*
We're hiring a Product Security Engineer join our Infrastructure Security Team. This role requires the ability to engineer automated guardrails, contribute to "paved path" templates, and assist in maintaining multi-cloud hygiene. This team is responsible for reducing developer toil while enforcing rigorous security configurations.
Responsibilities:
Assist in the engineering and deployment of automated policy-as-code controls (e.g., OPA, Checkov) within CI/CD and runtime environments.
Support the development and certification of Infrastructure-as-Code (IaC) modules. Ensure Terraform and multi-substrate templates adhere to strict security standards before they reach the engineering lifecycle.
Participate in the maintenance of Key Risk Indicator (KRI) dashboards for AWS and GCP. Analyze multi-cloud asset data to identify and remediate privilege escalation paths.
Actively identify manual security processes and develop automated scripts or tooling to eliminate them.
Contribute to building and maintaining the shared system context, an explicit repository of system designs, constraints, and standards that enables AI to operate accurately and reliably.
Performance Expectations:
Do not wait for vulnerabilities to hit production. Proactively identify and block insecure configurations at the development stage.
Solutions must minimize false positives. High-noise implementations will be rejected.
Do not solve for the single instance. Build for the organization. All solutions must scale across all Salesforce Clouds.
Required Technical Competencies:
2+ years of professional related experience
Deep familiarity with Terraform. Must understand how to write and validate secure modules.
Functional knowledge of AWS or GCP security configurations. Understanding of IAM, network boundaries, and organizational policies.
Experience or strong aptitude for learning OPA (Open Policy Agent) or Checkov to implement preventative controls.
Proficiency in Python or Go for automating security signal collection and remediation workflows.
Understanding of how to integrate security tooling into automated deployment pipelines without impacting delivery velocity.
A demonstrated, genuine AI-first approach to tasks. Using AI to move faster, build fluency across the stack, and contribute well beyond your core specialty.
Experience using AI tools (e.g., Claude Code, GitHub Copilot, Codex, Cursor, etc.).
Advanced prompt engineering skills and the ability to write precise, structured prompts and cultivate the system context that makes AI outputs reliable, secure, and production-ready.
A related technical degree required.
*IN SCHOOL OR GRADUATED WITHIN THE LAST 12 MONTHS? PLEASE VISIT FUTURE FORCE FOR OPPORTUNITIES*