1. Home
  2. Network Security Software Architect, Infrastructure Security Cloud
Expires soon
Salesforce

Network Security Software Architect, Infrastructure Security Cloud

  • San Francisco (San Francisco County)
  • Architecture / Town planning
Apply Now

Job description

Job Category

Products and Technology

Job Details

Salesforce is world’s #1 CRM business and Trust is our #1 value. We commit to Trust by upholding the highest engineering and security standards for our network security posture.

The Security team is looking for an experienced software architect to help build a state-of-the-art infrastructure for network security controls and management. Our mission is to develop highly-available and performant infrastructure platforms to provide security at the network level in our private and public clouds, including microsegmentation, network policy distribution, access control at host/device level, distributed firewalling and DDoS prevention.

As Network Security Architect, you will be at the forefront of innovation in our security cloud infrastructure. You will establish the long term vision for our network security platforms, collaborate with the executive teams to evangelize solutions, design architectures with our product management teams and drive implementation alongside our security developers. You will also have the opportunity to collaborate with product and infrastructure teams, security operations, systems security and datacenter network architecture teams.

Responsibilities

·  Establish the long term vision for the network security infrastructure alongside business decision makers. This vision covers, but is not limited to, network policy management, ACLs enforcement, firewalls, security analytics, DDoS and network protection for bare metal servers, containers, and VMs
·  Architect the systems and platforms supporting the network security infrastructure in Salesforce’s private and public clouds
·  Perform datacenter network architecture security assessments, identify risks and architect IaaS/PaaS platforms to harden our security and availability posture
·  Hands-on code and guide the security developers in the development of these software platforms
·  Research and implement new networking security solutions and platforms for intra- and cross-datacenter network flows
·  Advance and operate the network security platforms in a full DevOps model
·  Operate in an Agile development environment, including participating in sprint plannings and daily scrums
·  Support the team’s engineering excellence by defining security best practices, performing code reviews and mentoring team members

Requirements

·  Education . M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with equivalent years of experience
·  Network Security Platforms . 8+ years in designing and implementing network security and application security systems, including:
·  3+ years experience in SaaS, PaaS or IaaS software development
·  3+ years experience in a high-availability 24/7 environment (cloud platforms are a plus)
·  Platform development . Proven track of designing and coding large-scale PaaS or IaaS systems, especially for public cloud providers (e.g., AWS, Azure, GCP)
·  Programming . Proficiency in object-oriented and multi-threaded programming in at least one of the following languages: Golang, Java, C++, Python
·  Software design . Demonstrated expertise in applying systems patterns (e.g., Client-server, N-tier, Master/Slave, MVC) and API constructions (e.g., Swagger, OpenAPI)
·  Operating systems . Development and software management on Windows and Linux systems (e.g., CentOS, RHEL)
·  Security . Strong knowledge in security fundamentals: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI)
·  DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
·  Communication . Excellent oral and written communication skills
·  Team . Ability to value team success beyond personal contributions

Desired Skills/Experience

·  Network Security . Industry-level expertise in networking security platforms, including segmentation, ACLs, DPI, DDoS protection. Examples include:
·  Software: iptables, ipsec, VPN, IDS, WAF
·  Hardware: switch ACLs, stateful firewalls, network segmentation, security zones
·  Networking . Industry-level expertise in any of the following networking aspects
·  VM and containers network stacks (OpenStack’s Neutron, Cilium, Romana)
·  Network control planes and agents (Calico, Flannel, Contiv, Contrail, OVN)
·  OSI model and debugging network traffic
·  Networking protocols (TCP/UDP, BGP, DNS, DHCP)
·  Datacenter network architecture at software platform and hardware devices (NAT, VXLAN, overlay/underlay)
·  Distributed systems . Expertise in designing, implementing and operated distributed systems architectures and concepts, including any of the following:
·  High-performance, high-availability (99.999%) and self-recoverable systems
·  Control, orchestration and automation platforms
·  RPC frameworks (e.g., Protobuf/gRPC, Thrift, Bond)
·  Consensus and consistency frameworks (e.g., Paxos, Raft, strong/eventual consistency)
·  Data-processing systems (e.g., Lambda architecture, Kafka, RabbitMQ, ELK)
·  Storage solutions (e.g., Cassandra, MongoDB, Hadoop, Redis, Zookeeper)
·  VMs/Containers . Hands-on experience with VMs and container technologies (e.g., OpenStack, Docker, Kubernetes)
·  Full-software ownership from idea to running in production: design, code, writing unittests, performing integration tests, deploying to production, supporting the system in the production environments

Company Overview:

Salesforce, the Customer Success Platform and world's #1 CRM, empowers companies to connect with their customers in a whole new way. The company was founded on three disruptive ideas: a new technology model in cloud computing, a pay-as-you-go business model, and a new integrated corporate philanthropy model. These founding principles have taken our company to great heights, including being named one of Forbes’s “World’s Most Innovative Company” five years in a row and one of Fortune’s “100 Best Companies to Work For” eight years in a row. We are the fastest growing of the top 10 enterprise software companies, and one of the top 5 largest cloud business providers . Together, with our whole Ohana (Hawaiian for \'family\') made up of our employees, customers, partners and communities, we are working to improve the state of the world.

Posting Statement

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Make every future a success.
  • Job directory
  • Business directory
    •