DevSecOps Engineer - Security Focus
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job CategorySoftware Engineering
We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
Salesforce seeking a talented and motivated DevSecOps Engineer with a strong focus on security to join our team. As a DevSecOps Engineer, you will play a crucial role in integrating security practices seamlessly into our development and operations processes. Your primary responsibility will be to ensure the security, compliance, and resilience of our systems and applications throughout their lifecycle.
1. Secure Code Review:
- Implement and maintain code scanning tools to automate security checks in the CI/CD pipeline.
2. Security Architecture:
- Assess and enhance the security architecture of our systems, identifying and mitigating potential risks.
- Design and implement security controls, such as authentication, authorization, encryption, and monitoring.
3. Vulnerability Management:
- Proactively identify and track vulnerabilities in software dependencies, libraries, and third-party components.
- Develop and execute vulnerability remediation plans, ensuring timely fixes.
4. Continuous Compliance:
- Establish and enforce security policies, standards, and best practices to ensure compliance with industry regulations and company requirements.
- Automate compliance checks and reporting within the CI/CD pipeline.
5. Security Monitoring and Incident Response:
- Set up and manage security monitoring tools and systems to detect and respond to security incidents in real-time.
- Develop incident response plans and participate in security incident investigations and resolution.
6. Infrastructure as Code Security:
- Implement security controls within IaC scripts and templates to secure cloud infrastructure.
- Automate security checks for cloud resources and configurations.
7. Security Training and Awareness:
- Provide security training and guidance to development and operations teams.
- Foster a security-aware culture within the organization.
8. Documentation and Reporting:
- Maintain detailed documentation of security processes, configurations, and incidents.
- Generate regular security reports and metrics for management.
- A related technical degree required.
- Proven experience as a DevSecOps Engineer or similar role, with a strong focus on security.
- Deep knowledge of security principles, practices, and standards.
- Proficiency in scripting and automation
- Familiarity with cloud security practices and platforms
- Knowledge of CI/CD pipelines and associated tools (e.g., Jenkins, GitLab CI/CD).
- Relevant security certifications (e.g., CISSP, Certified DevSecOps Engineer) are a plus.
In office (Atlanta, GA, Dallas, TX or Indianapolis, IN) expectations are 10 days/a quarter to support customers and/or collaborate with their teams.
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com.
Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce.
Salesforce welcomes all.