Lead Infrastructure Engineer-Vulnerability Management

Job Description

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.Job CategoryProducts and Technology Job DetailsJob DetailsThe Infrastructure Engineering Team (Threat and Vulnerability Management) is looking for a Vulnerability Management platform engineer to help in deployment, maintenance and operations of services supporting vulnerability scanning along with the skills to build the new generation platforms for identifying, classifying, scanning, and reporting security vulnerabilities in all Salesforce assets.Our team is looking for an experienced vulnerability management platform engineer to help implement next generation threat and vulnerability management platform driven through Infrastructure as a code(IaC) for deploying and managing large scale scanning platforms, covering a diverse collection of assets (e.g., servers, VMs, containers, network and mobile devices) and public cloud substrates.Our service must be highly scalable and available, capable of scanning and collecting information from millions of hardware and software assets, and provide our security teams with the ability to query and act on compliance-related events.Responsibilities

• Implementing and maintaining enterprise-wide vulnerability management infrastructure and platform.
• Assist in technical authority, vision, documentation of operational procedures and guidance to ensure the continued evolution of the TVM program.
• Learn and adapt to Salesforce security strategies, security goals, security objectives and security capabilities to provide a mature and effective vulnerability detection methodology.
• Design and implement vuln detection and inventory platforms for continuous assessment of threat and vulnerabilities, risk and policy compliance across Salesforce software and hardware assets
• Build platforms for extracting asset metadata across classes of assets (mobile, laptops, compute servers) and cloud substrates (on prem, AWS, GCP, Azure, etc)
• Advance and operate these security assessment platforms in a full DevOps model
• Operate in an Agile development environment, including participating in daily scrums
• Support the team s engineering excellence by performing code reviews and mentoring junior team members

Required Skills/Experience

• Industry experience 8 years, including:
  • 6 years experience in Threat and Vulnerability management operations.
  • 3 years experience in Public cloud, including history of building platforms in AWS, GCP, or Azure through Infrastructure as a Code(IaC).
• Education. M.Sc/M.Eng in Computer Science/Engineering or B.A/B.Sc. in same disciplines with equivalent years of experience
• Vuln scanning. Strong Knowledge of vulnerability management solutions, prior experience in vulnerability management and its related processes and procedures, multiple vulnerability scan tools for both Cloud and On-Prem scenarios (Qualys, Nessus, Rapid7, etc)
• Expertise in designing, implementing and operating high-scale distributed systems architectures and concepts, including the following:
  • High-performance, high-availability (99.999%) and self-recoverable systems
  • Configuration management systems, including Infrastructure-as-Code (IAC), Terraform, Puppet
• Operating systems. Development and software management on Linux (e.g., CentOS, RHEL) and Windows
• Programming. Proficiency in object-oriented and multi-threaded programming in at least one of the following languages: Python, Golang, Java
• Security. Strong fundamentals knowledge in security concepts: authentication/authorization frameworks (e.g., SSO, SAML, Oauth), secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI)
• Strong troubleshooting and debugging skills.
• Communication. Excellent oral and written communication skills
• Team. Ability to value team success beyond personal contributions

Desired Skills/Experience

• Platform development. Proven track of designing and coding large-scale PaaS or IaaS systems.
• Security based credentials highly desired (SSCP, GIAC GCUX, GSEC, GCED, GCIH, GCIA, etc)
• Understanding of security compliance standards and regulations (e.g., ISO 27001, PCI, SOC, FISMA, FedRAMP, HIPAA, GDPR)

Accommodations - If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.Posting StatementAt Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at Salesforce and explore our benefits.Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay any third-party agency or company that does not have a signed agreement with Salesfore.com or Salesforce.org.Salesforce welcomes all.,

Keyskills :
change managementidentity managementwindowstroubleshootingsecurity compliancemanagement systemsaffirmative actioniso 27001slaequal employment opportunityitilagile developmentmusic making