Product Security Engineer - Data.com (a1k700000006eAcAAI) San Mateo, California
Product Security Engineer (SMTS), Data.com
San Mateo, CA
Salesforce.com has one of the best Information Security teams in the world and growing this piece of the business is a top priority! Our Information Security teams work hand in hand with the business to ensure the highest security around all of our applications. We are looking for a Product Security Engineer to provide security support for Data.com’s applications. You'll work closely with the technology organization to educate our team on secure application development and help in creating innovative security solutions for our product. Additionally, you will play a key role providing both strategic and tactical security advice and help in developing technology solutions which promote securing our customer's data and users.
We’re on a mission to transform the data industry by providing sales, marketing, and IT professionals with direct access to the most complete and accurate source of business data – all in the cloud. With over 30 million crowd-sourced business contacts and 200 million D&B verified companies, Data.com is the only solution in the market today with best-in-class global data available directly within Salesforce. Data.com, offers a startup opportunity within the leading enterprise cloud computing company in the world where you will be empowered to create and build the future of business data. As the fastest growing business unit within Salesforce, our goal is to build an organization of smart and ambitious people, committed to our mission of building the next billion-dollar business.
· Identify and understand the development practices, networks and infrastructure that make data.com successful.
· Recommend and build solutions/mitigation plans to help resolve risks.
· Guide the technology organization's security by participating in design reviews, Threat Modeling, and in depth security penetration testing of our code and systems.
· Provide input on application design, secure coding practices, log forensics, and log design and vulnerability remediation.
· Perform cutting edge research on new attacks, write white papers and present on those findings to internal audiences.
· Evaluate and build application security tools for internal consumption and drive usage of these tools.
· 5+ years work experience in an application security role.
· The ideal candidate will have in-depth experience identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25.
· Ability to demonstrate strategic thinking.
· Extensive problem solving and analytical skills.
· Extensive knowledge of the OWASP Top 10 and CWE Top 25.
· Extensive programming and application development experience in multiple languages such as Java, C, and scripting languages.