Lead Security Engineer

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Job Details

About Salesforce

We're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place.

Lead Security Engineer

Description

Our Security team supports the unwritten fourth tenet of Slack's mission: make people's working lives more secure. We are passionate about protecting our infrastructure, operations, and most importantly, our customer data. We take a thoughtful approach to security, and strive to deliver low friction high-impact features to protect our customers.

As Slack's data, customers and features grow, protecting customer data becomes an even more significant challenge. As a member of the Slack Security Customer Protection team, you would be primarily focussed on detecting entities who intend/attempt to use Slack for malicious purposes. Regardless of whether users are on a free or paid plan, our ultimate goal is to ensure the platform remains secure for everyone. You would be developing and using tools to tease out high-fidelity signals from the noise, while collaborating with your peers to respond to and eradicate unwelcome behaviors(such as fraud, abuse, spam etc.) on the platform. You would develop and deploy analytics that inspect the Slack internal telemetry for suspicious behaviours and surface them as anomalies to our customers.

Slack has a positive, diverse, and supportive culture-we look for people who are curious, innovative and work to be a little better every single day. In our work together we seek to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, why not say hello?

What you will be doing

• You will understand the current data pipelines and datasets, and come up with innovative solutions to analyze them and identify unique outliers and patterns

• Participate in efforts to organize and query the datasets to support various detection engineering projects in flight

• Envision and develop innovative signals and roll them out across customer workspaces, which would aid the customer to identify anomalous behavior within their workspace, across various stages of the Kill Chain.

• Collaborate with key cross functional teams (Data and Backend engineering teams, Core platform and product teams etc.) to contribute towards security specific in-product feature development efforts.

• Partner with fellow security practitioners to develop and maintain internal tools and solutions that support our detection engineering efforts

Requirements

• Strong experience in Information Security centric roles, devising strategies and building controls to counter advanced and constantly evolving threats.

• Ability to envision a variety of Security Incident scenarios that could impact a customer and take an empathetic approach to developing detections to aid customers

• Ability to query large amounts of data to investigate anomalous activity and deploy detections to surface similar activity when it occurs in other customer workspaces

• Experience understanding Threat Actor Tactics, Techniques & Procedures (TTPs) and able to build detections to detect such TTPs

• Experience working in a security function, particularly Digital Forensics and Incident Response (DFIR), Threat Detection and/or Threat Hunting background.

• Ability to clearly and patiently articulate Threats and Threat Actor activity to Product Managers, Customer Experience teams, and other Engineers

• Ability to collaborate with a variety of stakeholders like Customer Success teams, peers in Product Security team, Product Managers, Platform Trust and Integrity teams to service the customers

• Expertise in high-level programming languages, particularly Python or Go. Ability to write efficient SQL queries and dig out relevant information.

• Enthusiastic in automating repetitive tasks and embracing emerging technologies (AI Agents etc.)

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that's inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.