Software Engineer, Product Security, Tooling - Slack

About SalesforceWe’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.About UsThe Product Security Tooling team fortifies Slack’s security posture by developing and maintaining automated solutions that reduce the product’s attack surface. We build systems that identify security risks and enable risk owners to remediate them at scale. We work closely with Slack engineers to ensure that they have a frictionless and integrated developer experience with innovative security tools. We proactively find opportunities to reduce manual workflows in security processes and build automation to address bottlenecks.The team has two major workstreams:Vulnerability ManagementSecurity ToolingWhat You Will Be DoingBe one of the lead engineers for the newly-formed Tools team with the ability to make a strong impact by automating our security processes.Unique opportunity to shape the team’s technical stack and product usage.Partner with Engineering and Technical Program Managers to create technical roadmaps. You will work to accomplish the team’s mission of build, buy, and operate internal and third-party security tooling at scale. Together, we will make results easily and programmatically accessible to the Slack Security and Engineering teams.Establish a technical baseline and expectations for how to standardize the operation of application security tooling at Slack.Develop key performance indicators around vulnerabilities, triage, and security controls.Lead, mentor, and guide team members through the software development and operation lifecycles.Partner with people leader stakeholders to help influence change and promote cross-functional communication.Mentor and grow other engineers by providing thoughtful feedback during all phases of the development lifecycle.Communicate risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns.Serve as a public representative for security at Slack by engaging in internal and external speaking engagements.Take an active role in driving security initiatives at Slack.Seek out opportunities to automate processes when appropriate.What You Should HaveBachelor’s degree in Computer Science, Computer Engineering, related technical field required, or equivalent practical experience.7+ years of proven experience in software development.Strong expertise in software engineering best practices.Experience coding in an industry-standard language such as Python (preferred), Go, Java, C#, Ruby, PHP, C++, or JavaScript.Experience with Amazon Elastic Compute Cloud Resources.A passion for improving security, systems, and processes.Experience designing, operating, and delivering internal and third-party security services at scale.Ability to see the big picture and build out concise, comprehensive, yet realistic project plans.Experience working in a complex, matrixed organization involving cross-functional projects.Ability to balance short-term engineering tradeoffs with long-term investments.A track record of mentoring team members.Strong written and verbal communication skills, with high attention to detail.Ability to connect with emotional intelligence when delivering constructive feedback regarding security matters to engineers and product designers.Knowledge of common security vulnerabilities as published by OWASP, SANS, etc.Knowledge of how to test code and applications across various platforms (iOS, Mac, Linux, Windows, Android, etc.) for security weaknesses and quality.Experience with containerized applications and their deployment, experience with secure software development, contributions to the security community (published research, blogging, public speaking, open source projects).AccommodationsIf you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.Posting StatementAt Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce. Salesforce welcomes all.

#J-18808-Ljbffr