We are looking for Systems Security Engineers to help support our growing production security team. We work hand-in-hand with the Technical Operations Engineering teams and Information Security to ensure the highest level of security around our applications and production datacenters.
As a key member of our team, the Sr. Systems Security engineer will work on the 'front lines' of the Salesforce.com production environment, protecting our critical infrastructure and our customers' data. The Sr. Systems Security Engineer is responsible for enhancing the security of our production Unix systems, developing the tools to help us maintain and report on our security posture, ensuring we maintain our external security certifications, and deploying and maintaining the security systems in our production datacenters.
· Definition and enforcement of network and system security policies
· Management/Review of systems host security configuration and architecture
· Unix system vulnerability assessment/remediation, including the assessment/deployment of vendor security updates
· Support ongoing and new security/compliance initiatives
· Security incident response in coordination with other teams across the company and/or externally as required
· Deploy and manage system security, remote access, and authentication systems
· Design and development of tools to automate security or security reporting tasks
· This is a full-time position at our headquarters in San Francisco, CA
· Job level dependent on experience
· Demonstrated solid understanding of general Unix/Linux systems administration (Or similar)
· Experience working in high-availability, 24x7x365 large-scale multi-data center environments.
· Experience defining security policy as it applies to unix systems, setting standards, and driving adoption across a large organization
· Experience with HIDS/HIPS, system auditing frameworks, etc.
· Candidate MUST have extensive experience working in structured change management processes for highly available enterprise networks.
· Working knowledge of standard Unix infrastructure tools. (DHCP, DNS, NTP, SYSLOG, SSH, IPSec etc)
· One or more scripting or programming languages (Perl, C, Shell, Python etc)
· BS/BA degree, or equivalent work experience
· U.S. citizen (U.S. born or naturalized) who does not hold dual citizenship. Agree to complete a Minimum Background Investigation (MBI) for a Moderate Public Trust position with the U.S. federal government.
· Network firewall security experience (access control list (ACL) management., secure remote management practices, IDS, etc
· Exposure to open source infrastructure management and automation tools
· Kerberos, TACACS+, RADIUS, multifactor authentication systems (SecurID, YubiKey, etc.)
· Directory services (LDAP, NIS, etc.)
· Apache HTTPd
· TLS and PKI
· Strong communication skills
· CISSP certification or other security based credentials desired (GIAC GCIH/GCIA, etc
Salesforce.com will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.