Senior Software Security Engineer (Distributed Systems)

## Description

Overview

Salesforce and Google Cloud have embarked on a groundbreaking partnership worth $2.5 billion to revolutionize customer relationship management (CRM) through advanced artificial intelligence (AI). By integrating Google's Gemini AI models into Salesforce's Agentforce platform, we're enabling businesses to harness multi-modal AI capabilities—processing images, audio, and video—to deliver unparalleled customer experiences. Join our team of talented engineers and help us advance the integration of Salesforce applications on Google Cloud Platform (GCP). You will have the unique opportunity to work at the forefront of IDP, AI and cloud computing and contribute to enabling a full suite of Salesforce applications on Google Cloud. You will get an opportunity to build a platform on GCP to enable agentic solutions on Salesforce.

We are seeking a proactive and skilled Software Security Engineer to join our GCP team. The ideal candidate will be responsible for enhancing our security posture across various domains, focusing on development, vulnerability management, infrastructure security, and the security of distributed and scalable distributed systems. This role requires hands-on experience with security systems, a deep understanding of modern threats, and the ability to drive security improvements through engineering solutions.

As a Software Security Engineer, you won’t just find vulnerabilities, you’ll engineer the systems that prevent them. You will play a pivotal role in securing our distributed micro-services architecture on GCP, moving security by building automated, high-performance tools that empower our entire engineering organization.

Your Impact:

• Security Engineering & Automation: Build and integrate high-performance security tools and custom scripts into our CI/CD pipelines (SAST/DAST, SCA, SIEM) to automate manual toil.
• Infrastructure as Code (IaC): Develop and secure Terraform/IaC templates to ensure our cloud infrastructure is hardened by design before it ever reaches production.
• Vulnerability Leadership: Lead the end-to-end vulnerability lifecycle, using a risk-based approach to prioritize remediation across network, cloud, and application layers.
• Architecture & Threat Modeling: Partner with DevOps and Product teams to conduct threat modeling and architectural reviews, ensuring new features are resilient and scalable.
• Compliance & Governance: Act as the technical lead for audits (SOC2, ISO 27001), leveraging automation to provide evidence of consistent monitoring and timely closure of risks.
• Production Resilience: Troubleshooting and resolving complex security issues in production using distributed tracing and modern monitoring tools.

Required Skills:

• Engineering Mindset: 5+ years of experience in Security Engineering with a focus on building tools, not just managing them.
• Coding Proficiency: Strong experience in Go, Java, or Python with a solid grasp of Object-Oriented Programming and automation.
• Cloud & Infrastructure Expertise: Deep experience with GCP (similar) and Terraform for managing cloud security posture (CSPM) and infrastructure.
• Security Domain Knowledge: Practical experience with network protocols, OS hardening (Linux), and modern attack vectors.
• Collaborative Spirit: A desire to work cross-functionally with DevOps to embed security into the SDLC.

Desired Qualifications:

• Experience in secure software development lifecycle (SDLC) practices.
• Familiarity with container security technologies (e.g., Docker, Kubernetes).
• Experience with developing or contributing to open source tools.

For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.