Lead/Senior/Experienced Penetration Tester

workהגשת מועמדות
  • pin_dropמיקוםתל אביב יפו
  • bubble_chartקטגוריהאבטחת מידע
  • schoolנסיון3-4 שנות ניסיון
  • workסוג משרהמשרה מלאה

תיאור משרה

Salesforce is one of the leading companies in the world and the 6# place on the Fortune List of the Top 100 "companies to work for" in 2020. Serving millions of customers around the world, its security really makes a difference! Salesforce has one of the best Information Security teams in the industry, and growing this piece of the business is a top priority! Trust and security are Salesforce's number one value as a company. As a result, we are striving to recruit the very top security talents available to grow our 1st security team.

We are looking for a lead/senior security engineer that wants to take their existing penetration testing, research, and infrastructure engineering skills to the next level. Join Salesforce’s world-leading pentest team and work within a dynamic and fast-moving cloud environment. The work will focus primarily on full-stack security assessments and will include conducting deep-dive penetration tests, security researches, and code review across multiple clouds, acquisitions, and first-party and public cloud environments; All to provide a cross-company risk reduction and have a real impact over Salesforce’s security posture.

Description:

  • Perform full-stack (Infra & Product security) grey and white box penetration testing;
  • Leverage code review skills to identify complex vulnerabilities within code.
  • Provide security guidance and recommendations to engineering and operational teams.
  • Develop security tools for the detection and prevention of security threats.
  • Collaborate with other security teams to provide insights & security knowledge share.


דרישות תפקיד

Technical Skills:

  • 4+ years of experience in infrastructure vulnerability assessments and remediation
  • 4+ years of experience in web-based vulnerability assessments (Pentest) and remediation
  • Experience with static and dynamic code analysis
  • Strong IaaS security skills, with a focus on AWS, Azure, GCP
  • Experience with Kubernetes/Docker
  • Experience with infrastructure-as-code, specifically Terraform
  • Strong scripting/development skills (ex: Python, Go, Ruby, Java, JavaScript, etc)
  • Experience fuzzing applications and protocols
  • Track record of bug bounty awards and/or CVEs / Public Security Articles
  • Knowledge of secure software development lifecycle (SDLC)
  • Experience performing code and infrastructure design reviews
  • Reverse Engineering/Exploitation capabilities
  • Familiarity with building, deploying, maintaining security controls
  • Proficiency in Linux systems engineering/operations
  • Understanding of Microsoft Windows Server/AD deployments


workהגשת מועמדות

Salesforce

על החברה

סיילספורס היא ענקית פתרונות הענן וה-CRM המובילה בעולם, מחברת בין חברות מכל הגדלים והתעשיות ללקוחותיהן. סיילספורס מאפשרת להן לנצל את הכוח הטמון בטכנולוגיה - ענן, סושיאל מדיה, בלוקצ׳יין, בינה מלאכותית. מרכז הפיתוח של החברה בישראל ממשיך לגדול, בעיקר באזורי Big Data ו-AI. עובדי החברה בישראל הם בעלי תרומה משמעותית לחידושים הטכנולוגיים בתחומים אלה שמשפיעים על מיליוני משתמשים בכל העולם.

account_balanceעוד על Salesforce