Update day: 05-12-2023
To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job CategoryProducts and Technology
The Security Assurance team is responsible for the security efforts for the AppExchange applications and Salesforce products. We are looking for a passionate manager who is subject matter expert in multiple security domains, and has managed a team of security engineers. The mission of the role is to help us maintain a trusted AppExchange marketplace.
We are very excited about hiring the first Security Assurance Team manager in India! You will be a Sr Manager, with a dual Individual Contributor and Manager responsibilities initially. As part of your management responsibilities, you will hire a team, and mentor them. You will help secure the AppExchange marketplace by conducting security reviews (design reviews, code reviews, security testing), and providing remediation guidance to Salesforce partners and Independent Software Vendors (ISVs). You will develop in-depth knowledge of the core Salesforce platform and how to build secure applications on the platform.
Hire, mentor, and grow the local team.
Become a security subject matter expert (SME) in Salesforce technologies including Apex, Lightning Web Components, Aura, and Visualforce.
Perform design reviews, code reviews and security testing of AppExchange marketplace applications.
Work with Partners and Independent Security Vendors and help them write secure AppExchange applications.
Continuously improve the AppExchange security review processes.
Identify and execute automation opportunities that help scale the security review process.
Strong people focus, and must have 3-5 years of people management experience.
8-10 years of experience with black box, grey box, and white box security/penetration testing of web applications, APIs, mobile applications and more.
Should be fluent with manual and automated code reviews to spot security issues.
Should have a good understanding of OAuth, SOAP and REST protocols.
Experience with performing threat modeling and architecture reviews.
Capability to look at the big picture/architecture and propose strategic security solutions.
Some experience with public cloud infrastructure security protections and weaknesses
Strong working knowledge of web application development and architecture, HTTP, and TLS.
Self-driven, passionate, and independent.
Be able to act as a multiplier via junior team members to accomplish more than the sum total of individual efforts.
Offensive mindset and the ability to think of and consider abuse and attack paths as well as the defensive mindset to think of recommendations to prevent them.
Scripting skills (our primary languages are Java, Ruby, Python, Go, but we’ll happily speak to candidates with other language backgrounds.)
Strong candidates will have worked with some of these and/or similar technologies:
Application Security tools like Burp, OWASP ZAP, brakeman, and other DAST and SAST tools.
Modern web technologies - Ember.js, Angular, React, Socket.io/Websockets.
Experience with Salesforce technologies is a plus.
If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.
At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org .
Salesforce welcomes all.
Click to apply for free candidate
⏰ 10-01-2024🌏 Baddi, Himachal Pradesh
⏰ 10-01-2024🌏 Rajkot, Gujrat
⏰ 10-01-2024🌏 Ludhiana, Punjab
⏰ 10-01-2024🌏 Pondicherry, Union Territories
⏰ 10-01-2024🌏 Daman and Diu, Union Territories
⏰ 10-01-2024🌏 Belgaum, Karnataka
⏰ 10-01-2024🌏 Daman and Diu, Union Territories
⏰ 10-01-2024🌏 Lucknow, Uttar Pradesh
⏰ 10-01-2024🌏 Siliguri, West Bengal
⏰ 10-01-2024🌏 Panchkula, Haryana