Sr Product Security Engineer
About The Position
About Salesforce Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn’t a buzzword — it’s a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all. Ready to level-up your career at the company leading workforce transformation in the agentic era? You’re in the right place! Agentforce is the future of AI, and you are the future of Salesforce. Job Profile Help secure AI products and models that are introducing industry-novel security risks and pushing established security boundaries Conduct secure design reviews and threat modeling for product teams — identifying risks, attack surfaces, and prioritizing mitigations early. Champion shift-left security practices — building security into the SDLC from ideation through deployment. Partner with product, and engineering teams to integrate security controls into distributed systems — including Micro-service architecture, cloud services, container platforms, and APIs. Support penetration tests, red team findings, and bug bounty remediation Surface security considerations for new domains such as AI/ML features, model pipelines, and agent frameworks.
Requirements
- The ability to think like an attacker, develop threat models and help teams reason through different approaches to reducing security risk
- Experience securing large-scale, distributed, cloud-native systems
- Experience in application/product/security engineering or a related technical security role
- Experience securing multi cloud platforms (AWS, GCP, Azure), multi-tenant SaaS, containerization and orchestration technologies such as Docker or Kubernetes
- Hands-on experience with secure development tools (SAST/DAST/IaC scanning), secure code review, and penetration testing
- Familiarity with at least one programming language (e.g., Java, Python, Go, JavaScript)
- Excellent communication skills — able to translate security risks to technical and non-technical stakeholders.
Nice To Haves
- Familiarity with AI/ML security risks (prompt abuse, model poisoning, RAG data leakage).
- Experience with or leading bug bounty, red team, or penetration testing programs.
- Contributions to open-source security projects or tools.
Responsibilities
- Help secure AI products and models that are introducing industry-novel security risks and pushing established security boundaries
- Conduct secure design reviews and threat modeling for product teams — identifying risks, attack surfaces, and prioritizing mitigations early.
- Champion shift-left security practices — building security into the SDLC from ideation through deployment.
- Partner with product, and engineering teams to integrate security controls into distributed systems — including Micro-service architecture, cloud services, container platforms, and APIs.
- Support penetration tests, red team findings, and bug bounty remediation
- Surface security considerations for new domains such as AI/ML features, model pipelines, and agent frameworks.
Benefits
- time off programs
- medical, dental, vision, mental health support
- paid parental leave
- life and disability insurance
- 401(k)
- an employee stock purchasing program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Education Level
No Education Listed
