Product Security Lead

Salesforce, Bellevue, WA

About The Position

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn’t a buzzword — it’s a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all. Ready to level-up your career at the company leading workforce transformation in the agentic era? You’re in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

We are looking for a Lead Penetration Testing Engineer to execute deep, high-impact penetration testing across our applications, platforms, cloud infrastructure, and enterprise environments, including AI-powered features and systems. This role is highly technical and hands-on, with a strong focus on real exploitation, attack chaining, and risk impact, driven by a hacker mindset rather than checklist-driven testing. You will lead complex engagements end to end, ensuring findings are translated into concrete engineering improvements and mitigation. In addition to execution, you will help shape the penetration testing strategy, scope engagements effectively, mentor other testers, and act as a trusted technical partner to engineering and security leadership.

Requirements

  • Deep hands-on experience in penetration testing, offensive security, or application security testing.
  • 5+ years of experience in penetration testing, offensive security, and vulnerability research.
  • Proven experience leading complex penetration testing engagements in production or production-like environments.
  • Strong understanding of:
      • Application security vulnerabilities and attack chains
      • Identity and access control failures
      • Cloud security and hybrid environments
      • Common defensive controls and their real-world limitations
      • Security risks specific to AI and LLM-based systems
  • Hands-on experience with:
      • Manual exploitation and vulnerability chaining
      • Custom scripts, payloads, or proof-of-concept development
      • Advanced use (and limitation awareness) of automated testing tools
      • Testing AI-powered applications and APIs
  • Ability to clearly articulate:
      • Exploitation mechanics and impact
      • Risk in business and engineering terms
      • Practical, prioritized remediation strategies
  • Strong communication skills and experience working directly with engineers, security teams, and leadership.

Responsibilities

  • Lead and execute advanced penetration tests across:
      • Web applications and APIs
      • Cloud and hybrid infrastructure (Kubernetes, Docker, etc.)
      • Identity, authorization, and trust boundaries
      • Internal and external enterprise attack surfaces
      • AI / ML-enabled systems (e.g., LLM-backed applications, Agentic AI)
  • Identify, exploit and demonstrate realistic business and risk impact
  • Perform advanced penetration testing activities, including:
      • Manual exploitation beyond automated tooling
      • Business logic and authorization abuse
      • Privilege escalation
      • Abuse of identity, access, and trust relationships
      • AI-specific offensive testing, including prompt injection, indirect prompt injection, and abuse of AI integrations
  • Own penetration testing engagements end-to-end via:
      • Scoping
      • Test execution
      • Risk assessment and prioritization
      • Clear reporting and remediation guidance
  • Develop deep technical understanding of systems and products to uncover systemic weaknesses, not just isolated bugs, including weaknesses introduced by AI-driven components.
  • Partner closely with:
      • Engineering teams to explain root causes and exploitation paths
      • Security architects and AppSec teams to influence design and guardrails
      • Detection & Response teams where findings have monitoring or alerting implications
  • Produce high-quality, technically detailed reports that clearly explain the exploitation path, missing or lacking security controls, and mitigation solutions.
  • Contribute to tooling, automation, and testing frameworks where it improves scale or consistency (without replacing deep manual testing).

Benefits

  • Salesforce offers a variety of benefits to help you live well including: time off programs, medical, dental, vision, mental health support, paid parental leave, life and disability insurance, 401(k), and an employee stock purchasing program.
  • More details about company benefits can be found at the following link: https://www.salesforcebenefits.com.