Description
We are looking for a highly skilled Principal Engineer to join our Endpoint Protection & Infrastructure Vulnerability Scanning team. Reporting directly to the Sr. Director of Endpoint Protection & Infra Vuln Scanning, you will serve as a technical anchor for a critical security engineering team — driving architecture, leading end-to-end software delivery, and setting engineering standards across the organization.
This is a hands-on, high-impact role for a deeply technical engineer who thrives at the intersection of software development, security infrastructure, and platform engineering.
What You'll Do
- Lead end-to-end software development across complex security data pipelines from ingestion to canonical data stores and downstream consumers.
- Own system architecture for vulnerability scanning and endpoint protection platforms, including authoring System Design Records (SDRs) and Architecture Decision Records (ADRs).
- Drive platform reliability through availability monitoring strategies, alerting frameworks, and infrastructure hardening.
- Design and build APIs and services including REST API optimization, policy evaluation engines, integration adapter registries, and projection/aggregation services.
- Set engineering standards across the team for code quality, design consistency, and documentation practices.
- Mentor and guide Lead and Senior Engineers through PR reviews, sprint planning, and technical deep dives.
- Collaborate cross-functionally with security architects, platform teams, and partner engineering orgs to ensure clean system integration and dependency alignment
- Workload split is approximately 75% new feature development and 25% maintenance, on-call, and bug remediation
- Support on-call operations on a rotating schedule, including flexibility for major incidents across time zones.
- Leverage AI-assisted development tools to accelerate delivery, enforce engineering rigor, and support multi-language development.
What We're Looking For
- 10+ years of core software development experience with mastery in multiple programming languages and platforms.
- Strong foundation in database engineering, API development, and data pipeline construction, including experience with event-driven architectures, and distributed systems
- Demonstrated ability to craft and deliver large, sophisticated projects across the full software lifecycle, including experience with products released for public consumption across multiple releases.
- Proven experience with infrastructure hardening and operational reliability (alerting, availability monitoring, MTTR reduction).
- Ability to design systems at scale including experience with architecture reviews, design documentation, and cross-team alignment; experience working with engineering teams, architects, and executive leadership to craft architectural vision and roadmap.
- Develops technical performance architecture that solves the most complex performance and scalability challenges, with the ability to drive long-term design strategies spanning multiple complex projects.
- Strong engineering process discipline: PR reviews, design reviews, sprint execution, and documentation; experience with Agile/Scrum methodologies and short release cycles
- Ability to provide mentorship to team members, supporting their understanding of architecture and aiding in their technical growth
- Skilled at fostering cross-functional technical collaboration to surface, escalate, and resolve critical issues effectively.
- Ability to deliver technical reports and performance presentations to customers and at industry events
- A related technical degree required
Responsibilities
- Ensure company and customer data remains secure, utilizing knowledge of a wide variety of security disciplines, including network, application and infrastructure security.
- Audit Salesforce cloud infrastructure against industry and company security standards, develop uplift plan, and execute on plan to align cloud infrastructure with those standards.
- Collaborate with various internal teams, including infrastructure, engineering, operations, and product development to design and architect infrastructure (i.e. network, operating system, databases) and applications to protect against attackers.
- Serve as a hands-on technical specialist, responsible for handling the complex and detailed technical work necessary to establish and maintain enhanced cloud security.
- Architect, configure, manage, and deploy technologies to improve Salesforce’s ability to prevent intrusions. Track down targeted vulnerabilities and defend against active adversaries. Research, gather threat intelligence and build, optimize, and automate systems to consume threat feeds and track adversaries
- Create innovative solutions to complex security problems, including the design and use of software to identify security issues, deploy security solutions, and perform reporting activities
- Utilize graduate-level research/analytical skills to understand the latest threats and methodologies for effectively designing advanced controls in the prevention, detection, and reaction to threats to the environments.
- Mentor and guide engineering teams to achieve team deliverables.
- Communicate clearly to both Engineering and Executive audiences.
Desired Qualifications
- You have 5+ years experience in a computer network-related occupation
- You have 2+ years experience in each of the following skills:
- Unix/Linux system administration, including working with Windows environments and hardening guidelines;
- Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure and other public and private cloud infrastructure (EC2, VPC, ELB, S3, EMR, IAM); and
- Building and operating secure infrastructures
- You have some experience in each of the following skills:
- Security disciplines including security engineering, vulnerability analysis, firewalls, and encryption technologies
- Transmission Control Protocol/Internet Protocol (TCP/IP) networking, such as Open Systems Interconnection (OSI) stack, TCP, and Software-Defined Networking (SDN)
- Writing code in programming languages such as Python,and Ruby to automate software/systems
- Utilizing knowledge of core protocols and cryptographic standards to guide secure implementations
- Security technologies, including host and network-based protection and detection technologies
- Network, host and application security practices
For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.