salesforce.com
Senior Threat Intelligence and Vulnerability Management Engineer
United States, US - Computer Software, Information Technology and Services, Internet
Salesforce.com has one of the best Information Security teams in the world and growing this piece of the business is a top priority! Our Information Security teams (Trust) work hand in hand with the business to ensure the highest security around all of our applications.
Why is security important at Salesforce?
Trust and security are Salesforce’s number one value as a company. Has been that way for quite some time and will continue to be into the future.
Have you ever worked at a company where security is not the company's top value? Of course you have. You won’t see that at Salesforce.
Security is taken very seriously at Salesforce and is one of the underlying foundational elements of our service.
We have found that our future security efforts rely heavily on bringing on talented individual contributors that have a passion for thwarting threats and identifiying root causes, and in parallel determining any relevance or correlations in our proprietary Big Data Security Analytics framework. In that effort, our team is selecting engineers obsessed with digging in the details, while providing guidance and contributing to a growing set of tools to aid in that effort.
As a Senior Threat Intelligence and Vulnerability Management Engineer at Salesforce.com you will develop and deploy tools which gather and correlate threat and vulnerability data and transform it into meaningful intelligence that drives action. You will perform vulnerability assessments on a wide variety of infrastructure and software manually and with automated tools. You will work with talented technical experts from various Salesforce.com teams on a regular basis. Top contributors enjoy the freedom to work with limited barriers and the experience of working with talented individuals on initiatives.
Responsibilities:
- Develop an enterprise threat and vulnerability intelligence system and program.
- Research new threats, attacks and risks to Salesforce systems and software.
- Perform vulnerability assessments and facilitate remediation of vulnerabilities.
- Evangelize security policy and best practice within and outside of Salesforce.
Minimum Qualifications:
- BS/MS degree, or relevant work experience
- Extensive knowledge in computer and network security
- Extensive knowledge of the OWASP Top 10 and CWE Top 25
- Experience with automated vulnerability assessment tools at scale.
- Experience in software development, Java, PHP, Perl, Python and Ruby
- Experience in exploitation of web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, XML/SOAP and API attacks
Desired Skills and Credentials:
- Ability to self motivate when given strategic goals.
- Excellent organizational and communication skills in vulnerability remediation
- Infrastructure and application level penetration testing experience
- Information security certifications, GPEN, OSCP, OSCE, OSWE, CEH, CISSP
- Bug bounty awards
Salesforce.com is an Equal Employment Opportunity and Affirmative Action Employer. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com does not accept unsolicited headhunter and agency resumes. Salesforce.com will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com.
Accessibility – If you require accessibility assistance applying for open positions please contact applicant_access@salesforce.com
No salary provided
Posted July 01, 2014 at 10:57AM from LinkedIn http://ift.tt/1pGX8aM
via IFTTT
No comments:
Post a Comment