Home
/
Comprehensive
/
Staff Product Security Engineer - Slack
Staff Product Security Engineer - Slack-July 2024
Philadelphia
Jul 5, 2025
ABOUT SALESFORCE
Salesforce brings companies and customers together in the number one Customer Relationship Management platform.
10,000+ employees
Technology
VIEW COMPANY PROFILE >>
About Staff Product Security Engineer - Slack

  Reference #: JR219761To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

  Job CategorySoftware Engineering

  Job Details

  About SalesforceWe're Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too - driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good - you've come to the right place.

  Slack enables people around the world to communicate and collaborate together, from the world's largest public companies to the smallest of startups. We take performance and reliability very seriously. A taste of our scale:

  During the week, our users spend over a billion minutes a day active in our product.

  At peak usage, a million messages a minute passed through Slack.

  Every day we see over 15 million simultaneously connected users

  For millions of people, Slack is their primary communication tool for work and more, and they expect it to be exceptionally reliable and fast year-round.About UsOur Product Security Assurance team supports the following tenet of Slack's mission: make people's working lives more secure. We're serious about protecting our infrastructure, operations, and most importantly our customers' data. We take a systemic approach to security and strive to ensure we provide low friction, high impact security across everything we do. As a member of the Product Security team, you care about shipping secure products and protecting Slack's users from bad actors. You are passionate about enabling our developers to deliver new features securely. You think about your job as not just identifying individual vulnerabilities but also finding effective ways to eliminate whole classes of them. Your work will directly impact the way millions of people, teams, and businesses get things done using Slack.Slack has a positive, diverse, and supportive culture-we look for people who are curious, inventive, and working to be a little better every single day. In our work environment, we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, read on ahead!What you will be doing

  Contributing security-focused feedback to engineers during all phases of the development lifecycle

  Performing technical security assessments on our web applications, native clients, internal services, and partner applications

  Seeking out opportunities to automate processes when appropriate

  Scaling the impact of our team through direct mentorship of our more junior team members

  Communicating risks to engineering staff through training and technical demonstration of vulnerabilities and secure design patterns

  Maintaining and creating secure development practices and programs for our engineering teams and external developers

  Acting as an ambassador for security within Slack

  Serving as a public representative for security at Slack by engaging periodically in internal and external speaking engagements

  Identifying emerging classes of vulnerabilities and developing solutions for them before they're a problem

  Efficiently scoping blackbox, whitebox, and graybox assessments to optimize security review time and resourcesWhat you should have

  Bachelor's degree in Computer Science, Engineering or related field, or equivalent training, fellowship, or work experience

  6+ years proven experience in security testing of web applications and native apps including Electron and iOS and Android mobile applications.

  Deep understanding of web application architecture and design principles

  Experience with Threat Modeling applicatio s using STRIDE or similar framework.

  Experience with websockets and protobuf a plus

  Strong written and verbal communication skills and ability to communicate with empathy when delivering constructive feedback regarding security matters to engineers and product designers

  Experience with manual secure code review in languages such as: JavaScript, Java, Python, Ruby, PHP, HackLang

  Familiarity with common web application testing tools for DAST, SAST, and IAST analysis such as Burp Suite, Snyk, and/or Semgrep

  Knowledge of authentication mechanisms like SAML, OAuth, etc.

  Knowledge of common security flaws and resolution as published by OWASP, SANS, etc.

  Knowledge of how to test code and applications across various platforms (iOS, Mac, Linux, Windows, Android, etc) for security and quality

  Ability to see patterns, commonalities and investigate complex issues

  Organizational skills to bring together and record detailed and accurate information about bugs and systemic issues

  Experience with Amazon AWS services and familiarity with Slack products is a plus

  Current or former security training or certifications such as SANS GWAPT, OSCP, OSWE or similar is a plus

  Public speaking engagements or published research is also a plus; a successful engineer in this role will be expected to represent Slack externally from time to time

  Though this is not primarily a development role, some background in software engineering in a collaborative and dynamic environment is a plus

  AccommodationsIf you require assistance due to a disability applying for open positions please submit a request via this .

  Posting StatementAt Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at  and explore our company benefits at .

  is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. does not accept unsolicited headhunter and agency resumes. will not pay any third-party agency or company that does not have a signed agreement with.

  Salesforce welcomes all.

  For Colorado-based roles, the base salary hiring range for this position is $175,600 to $254,700.

  Compensation offered will be determined by factors such as location, level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, benefits. More details about our company benefits can be found at the following link: https://www.salesforcebenefits.com.

  Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-par

Comments
Welcome to zdrecruit comments! Please keep conversations courteous and on-topic. To fosterproductive and respectful conversations, you may see comments from our Community Managers.
Sign up to post
Sort by
Show More Comments
SIMILAR JOBS
Assistant Mechanic
Additional Information The Member's Golf Club Job Number 24006932 Job Category Engineering & Facilities Location The Ritz-Carlton Sarasota, 1111 Ritz-Carlton Drive, Sarasota, Florida, United Stat
Environmental Services Aide - Full Time
Job Details Level Entry Job Location Main Campus - Staples, MN Position Type Full Time Job Shift NOC Description About Lakewood Lakewood Health System is a comprehensive rural healthcare system in ce
Project Manager - PD&E
In a world of possibilities, pursue one with endless opportunities. Imagine Next! When it comes to what you want in your career, if you can imagine it, you can do it at Parsons. Imagine a career work
DIRECTOR, CLINICAL EDUCATION AND CLINICAL ASSISTANT PROFESSOR
Position Summary: Ithaca College seeks a Director of Clinical Education and Clinical Assistant Professor for its Physician Assistant Studies graduate (PASG) program to begin June 15, 2024. The PASG p
Direct Support Assistant
Agency People With Developmental Disabilities, Office for Title Direct Support Assistant Occupational Category Health Care, Human/Social Services Salary Grade 09 Bargaining Unit ISU - Institutional S
PwC Private - Audit Manager
Specialty/Competency: Assurance Industry/Sector: Not Applicable Time Type: Full time Travel Requirements: Up to 20% A career within PwC Private will provide the opportunity to help private companies
Accountant
Company : Highmark Inc. Job Description : JOB SUMMARY Perform professional accounting work involving compilation, consolidation, and analysis of accounting and finance information for the production
Area Supervisor
Our values start with our people, join a team that values you! We are the nation’s largest off-price retailer with over 2,000 stores, and a strong track record of success and growth. Our focus has al
Deep Learning SW Engineer (Intern)
Company: Qualcomm Korea YH Job Area: Interns Group, Interns Group > Interim Engineering Intern - SW Qualcomm Overview: Qualcomm is a company of inventors that unlocked 5G ushering in an age of rap
Tom Ford - Make up & Fragrance Specialist - John Lewis - 22.5 Hours
Tom Ford - Make up & Fragrance Specialist - John Lewis - 22.5 Hours Brand: Tom Ford Description Make Up & Fragrance Specialist “It is my desire to create the first true luxury brand of the 21
Copyright 2023-2025 - www.zdrecruit.com All Rights Reserved