1. Home
  2. Red Team Penetration Tester and Security Assessment Engineer
Expires soon
Salesforce

Red Team Penetration Tester and Security Assessment Engineer

  • San Francisco (San Francisco County)
  • Design / Civil engineering / Industrial engineering
Apply Now

Job description

Job Category

Products and Technology

Job Details

As a penetration tester at Salesforce.com and member of our red team you will uncover vulnerabilities in our infrastructure, software and processes and help facilitate removal. You will perform penetration tests, information security assessments, and application security assessments on a wide variety of infrastructure and software within our environment. You will work with talented technical experts from various Salesforce.com teams on a regular basis. Top contributors will enjoy the freedom to work with limited barriers and the experience of working with other talented and passionate information security professionals.  

Location: San Francisco, CA + Bellevue, WA
Leveling: We are looking for best the offensive security engineers in the world.  If you fit that  profile, we will work with you to ensure that your job title/level is aligned to your skill sets and that you are compensated at that level as well.  

Responsibilities:

- Perform penetration tests and vulnerability assessments on targets across \'all\' of our  business units and locations.
- Facilitate removal or remediation of vulnerabilities in collaboration with our broader engineering and operations teams.
- Contribute to our penetration testing program and toolkit.
- Research new threats, attack vectors and risks.
- Collaborate with your colleagues...many of the best in the world.


Minimum Qualifications:

- BS/MS degree, or relevant work experience
- Infrastructure and application level penetration testing experience
- Expert knowledge in computer and network security
- Extensive knowledge of the OWASP Top 10 and CWE Top 25
- Experience in exploiting web and web services security vulnerabilities including cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML/SOAP, API attacks, and more.
- Strong coding skills; Software development, Java, PHP, Perl, Python, Ruby, etc….
- BS Computer Science or equivalent knowledge and experience
- Offensive attack hacker mindset
- Experience with the latest and greatest penetration testing tools


Desired Skills and Credentials: 

- Assembly/exploit developpment experience
- Bug bounty awards
- Experience in software development, Java, PHP, Perl, Python, Ruby, etc….
- Information security certifications, GPEN, OSCP, OSCE, OSWE, CEH, CISSP
- Ability to self motivate when given strategic goals.


*LI-Y

Posting Statement

Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Make every future a success.
  • Job directory
  • Business directory
    •