Senior Application Security Architect

Location(s):
San Francisco, CA - HQ
 
Description: Salesforce.com has rapidly evolved from a startup founded by four people in a cramped San Francisco apartment in 1999 to a company with more than 2,300 employees, a $700 Million Annual Revenue Run Rate and over 900,000 users worldwide. As a pioneer in on-demand business services, we are transforming the software industry, championing what we call the “democratization” of software—offering small companies the benefits of sophisticated business applications, a luxury previously affordable only for large enterprises. Our customers range in size from tiny companies to global multinational corporations and represent diverse industries. Top talent across the world joins salesforce.com for its “change the world” mentality; the opportunity to excel in a performance-driven, fast-paced, and competitive atmosphere; the chance to be surrounded by peers and leaders that inspire, motivate, and innovate and a corporate philosophy that incorporates community involvement into its fabric.

This role will provide security expertise to support Salesforce.com’s on-demand service. You’ll work closely with the technology organization to educate our team on secure application development and create innovative security solutions for our product. Additionally, play a key role as you provide both strategic and tactical security advice and develop technology solutions which promote securing customer data including examining new and existing technologies.

Responsibilities:
    Responsibilities include identifying and understanding the development practices, networks and infrastructure that make salesforce.com successful in order to identify the things that can put our success at risk, and then building solutions and mitigations to help resolve those risks. Guide the Salesforce.com technology organization’s security by participating in design reviews, Threat Modeling, and in depth security penetration testing of our code and systems. These responsibilities extend to providing input on application design, secure coding practices, log forensics, log design and application code security. The ideal candidate will have in-depth experience protecting against web and web services security vulnerabilities including cross-site scripting, sql injection, DoS attacks, XML/SOAP and API attacks, email security flaws and more. Also included is performing cutting edge research on new attacks, writing white papers and presenting on those findings to internal audiences. In addition this individual will hold responsibilities for evaluating external and/or building internal application security tools and driving usage of these tools internally.


Required Skills/Experience:
  • BS degree (4 year program)
  • Minimum of 5 years working in application security
  • Ability to demonstrate strategic thinking
  • Extensive problem solving and analytical skills
  • Experience working in 24x7xforever support for security in production systems
  • Extensive knowledge of the Open Web Application Security Project
  • Extensive programming and application development experience in multiple languages such as Java, C, and scripting languages


Desired Skills:

About You
 
More Info
 
 

* These fields are required