Software Development Engineer (ALL LEVELS) - Distributed Systems Security

Salesforce

Date listed

1 week ago

Job Location

San Francisco

Employment Type

Full time

Employees

10001+

Total Funding

$64.4 million

Glassdoor Rating

3.8 / 5 (6 reviews)


Trust is the #1 company value at Salesforce. Salesforce.com hosts web services and applications written by thousands of internal developers and tens of thousands of customers to provide the largest SaaS platform on the planet.

Our Security Software Engineering team builds and operates highly scalable, fault-tolerant, distributed systems to deliver cloud-scale security software services. We provide the fundamental building blocks to improve and preserve customer trust in Salesforce's products across multiple public cloud substrates and our own network infrastructure. We leverage many open source technologies, including big data, machine learning, no-SQL database, container, Kubernetes, Istio to architect and implement our services, to protect Salesforce products/infrastructure and defend against malicious attacks. Our products' massive complexity requires our software engineers to be highly adoptive to new technology and methodologies and have the strong ability to deliver reliable software services under pressure. Prior security knowledge is not strictly required. You will have the unique opportunity to learn from the best industry security experts and integrate that into your software and service engineering.

Our expanding team is looking for experienced Distributed Systems Developer (position level dependent on experience).

Click to learn more about our Culture and our Engineering organization through these videos!

Some key investments in our space include:

Security Foundation Services:

Develop and deliver reliable and scalable foundational services. These key building blocks - like key and secret management systems, PKI (public key infrastructure), service-to-service authn/authz and data encryption - enable the security of all other services and permit the protection of our customer data.

Identity and Access:

Design and implement consistent and scalable identity and access services for all of Salesforce, integrating our IT network, public cloud infrastructure, and our own data centers, and empowering all our engineers to operate these environments in a secure manner.

Threat Detection and Response Services:

Develop highly scalable, automatic and flexible defense system integrating extensive data collection, big data processing, machine learning detection, automatic response, and automatic mitigation across all our data centers, IT infrastructure and public cloud environments.

Trust is Salesforce’s number one value. And we invest heavily in the security space to create the most secure enterprise cloud platform. Threat Detection & Response is one of the most critical components of our security defense system. It involves complex subsystems including massive data collection, detection through complex rules and machine learning, highly scalable response automation, deep investigation capability, and mitigation solutions. All these solutions are built in our cloud environment with large scale distributed system. The architects in the D&R Engineering organization will partner with engineering managers to guide the team to design, implement and run these complex services. You are expected to bring in deep architecture and design knowledge, excellent engineering practice, as well as capability to provide a high-quality hands-on implementation.

Threat and Vulnerability Management Engineering:

Design, development and implement scalable vulnerability management infrastructure for all of Salesforce, integration of diverse assets data within data centers, public cloud infrastructures, IT network, and provide threat / risk reporting.

Secure Software Development Lifecycle:

Under this umbrella, we design, build and deliver highly available, disaster proof, public cloud hosted services for the entire Salesforce developer community and increase the security of Salesforce's products. Just a few of these include Credentials Scanning as a Service (find secrets and credentials hidden in our source code), Container Scanning as a Service (ensure that the container images being deployed for AWS, GCP, and Gov Cloud are free of vulnerabilities), 3PP as a Service (ensure that we do not inherit a third party developer's security vulnerabilities), Static Code Analysis as a Service (ensure that the Salesforce's own code -in any language- is free of security Vulnerabilities). These projects are all targeted directly at the developer community and have various touch points including integration with various CI and SCM systems.

Continuous Security Monitoring (CSM):

CSM is a continuous process of evidence collection, comparison of evidence to a known standard, and flagging divergence thereby assuring operating effectiveness of security controls. This involves collecting bits of data from endpoints (we've worked with OSQuery and Tanium), pumping that into a data lake (Kafka endpoints with a Hadoop/Hbase over S3 storage), dockerized containers for the backend and job scheduling and finally working that data into Salesforce Objects for dashboards and analytics.

Network Security:

The Network Security Engineering team is building a new internal cloud platform for various network security controls and management. Our mission is to develop highly-available and performant distributed systems to provide security at the network level in our private and public clouds, including micro-segmentation, network policy distribution, access control at host/device level, distributed firewall and DDoS prevention. Our scope is a wide range of compute substrates, including bare metal hosts, VMs, and containers.

If you have some/most of the key skills below, we have an exciting engineering position for you at all levels:

  • Experience and passion for service ownership, building reliable/self-healing services.
  • Experience working in a complex team environment. Able to deliver under pressure and dependency constraints.
  • Java, Go, Python, C/C++
  • Knowledge working with relational database MySQL, Postgres
  • Familiar with open source technologies, such as ZooKeeper, MongoDB
  • Experience with big data and pipeline technologies, such as Hadoop, Kafka
  • Knowledge or experience with machine learning
  • Experience building large scale distributed systems, especially in cloud environments
  • Familiar with public cloud services with AWS and Google Cloud Platform
  • Good knowledge with operating systems (Linux, Mac, and Windows)
  • Good knowledge with network technologies, such as TCP/IP, DNS or load balancer
  • Experience at Scrum or other agile development methodologies, with attention to code quality, delivering secure code

Requirements:

  • 5+ years of development experience
  • Proficiency in at least one of the following programming languages: Golang, Java, C++, Python, C#
  • Mastery of OOO concepts and programming
  • Demonstrated understanding of general Unix/Linux systems (e.g., CentOS, RHEL, Solaris, or similar)
  • DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
  • M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with the equivalent years of experience.