Complete Posting Senior Product Security Engineer

Job Title: Senior Product Security Engineer Description: This role will provide security support for salesforce.com's cloud computing service. You'll work closely with the technology organization to educate our team on secure application development and help in creating innovative security solutions for our product. Additionally, you will play a key role providing both strategic and tactical security advice and help in developing technology solutions which promote securing our customer's data and users.

Responsibilities: Responsibilities include identifying and understanding the development practices, networks and infrastructure that make salesforce.com successful and then recommending and/or building solutions and mitigations to help resolve risks to that success. Guide the Salesforce.com technology organization's security by participating in design reviews, Threat Modeling, and in depth security penetration testing of our code and systems. These responsibilities extend to providing input on application design, secure coding practices, log forensics, log design and application code security. The ideal candidate will have in-depth experience protecting against web and web services security vulnerabilities including cross-site scripting, sql injection, DoS attacks, XML/SOAP and API attacks, email security flaws and more. Also included is performing cutting edge research on new attacks, writing white papers and presenting on those findings to internal audiences. In addition this individual will hold responsibilities for evaluating or building application security tools for internal consumption and driving usage of these tools.

JOB REQUIREMENTS --- BS degree (4 year program)

Minimum of 5 years working in application security

Ability to demonstrate strategic thinking

Extensive problem solving and analytical skills

Experience working in 24x7xforever support for security in production systems

Extensive knowledge of the OWASP Top 10 and CWE Top 25

Extensive programming and application development experience in multiple languages such as Java, C, and scripting languages

Interested candidates please contact [mailto:rfly@salesforce.com Robert Fly]