Lead Software Engineer, Endpoint Security

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Job Details

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a buzzword - it's a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all.

Ready to level-up your career at the company leading workforce transformation in the agentic era? You're in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

The Enterprise Security Technology team builds and operates highly scalable, fault-tolerant, distributed systems to deliver cloud-scale security infrastructure & software across multiple public cloud platforms and Salesforce's internal infrastructure.

One of our key investments is in the area of Endpoint Security focusing on building a first class security defense system for Salesforce's Enterprise workloads.

About the position
We are seeking an Endpoint Security Engineer who will contribute to the architecture, strategy, and execution of endpoint security across the enterprise. You will help ensure the resilience, scalability, and integrity of endpoint defense mechanisms in support of the overall security posture.

Your primary focus will be to implement a consistent, risk-based, and standards-aligned approach to Endpoint Security, thereby configuring the Enterprise endpoints used on Salesforce networks, systems, and services so that they are able to adequately protect against threats that impact the confidentiality, integrity, and availability of Salesforce.

This is a hands-on technical role where you will contribute to implementing new services and adapting existing ones to meet the evolving needs of our business. You'll be a part of a broader team with responsibilities across the full spectrum of endpoint security, including endpoint hardening, malware and virus detection, application blocklisting, Endpoint Detection and Response (EDR), vulnerability scanning and cloud security posture management (CSPM). Your expertise will be instrumental in developing other services that leverage offerings from leading security vendors.

Responsibilities

• Support Endpoint Security Strategy & Architecture

• Contribute to defining the long-term technical roadmap for endpoint protection, including tools like CrowdStrike, EDR, Application Control, Vulnerability Scanning, etc.

• Assist in Deployments & Coverage

• Help ensure Enterprise-wide deployment of endpoint security tools, achieving high coverage by aligning tool capabilities to the enterprise device inventory (including rollout of agents across macOS, Windows, Linux, and mobile platforms).

• Maintain Governance & Compliance

• Support the definition and enforcement of policies, SOPs, and operational protocols for endpoint security tools. Help ensure that endpoint hygiene meets or exceeds regulatory and compliance requirements.

• Contribute to Automation & Resilience

• Assist in the design of robust automation pipelines-leveraging scripting-to reduce manual effort, enforce consistency, and support rapid incident response.

• Enhance Detection & Response Posture

• Contribute to architecting rigorous detection logic and response workflows, collaborate with SIEM, SOAR, and telemetry teams to integrate and tune event ingestion, alerting, and remediation across multiple systems.

• Innovate Security through Design

• Engage in threat modeling, vendor evaluation, and platform enhancements; assist in proof-of-concepts (PoCs) for new technologies that align with evolving security and business needs.

• Collaborate with security and engineering teams to integrate Endpoint services and ensure security policies are effectively enforced at scale.

• Partner with Product Management throughout the entire project lifecycle, from initial design and vendor selection to implementation and ongoing operations, ensuring projects are delivered on time and with high quality.

• Develop and maintain comprehensive documentation for security services, policies, and procedures.

• Stay current with the latest threats and technologies in the cloud security and endpoint security landscape, actively seeking opportunities to innovate and improve our security posture.

About You

• Passionate about cloud and endpoint security, with a deep understanding of the attack surface and how to defend it.

• A strong collaborator and communicator who can work effectively with engineers, product managers, and leadership.

• Eager to learn new technologies and adapt to a fast-paced, evolving environment.

• A natural problem-solver who can take on complex technical challenges and find elegant, scalable solutions.

• Comfortable navigating between tactical and strategic work, from hands-on coding to high-level system design.

Required Skills/Experience

• 5+ years of experience in a hands-on security engineering role, with a strong focus on Endpoint Security Technologies & Solutions including EDR and vulnerability scanning tools.

• Experience of contributing to significant security projects with major vendors like Tenable, Tanium, CrowdStrike, Qualys, Palo Alto, or similar.

• Familiarity with CSPM solutions, including vendor products and cloud-native services from major providers (AWS, Azure, GCP).

• Practical knowledge of managing client-server architectures.

• Hands-on experience developing software using modern programming languages such as Go and Python.

• Strong problem-solving and analytical skills.

• Must have a fundamental understanding of accepted security practices, troubleshooting issues, and attack vectors.

• Practical use of Agile development practices and the software development lifecycle.

• Experience with configuration management tools and Infrastructure as Code (e.g., Terraform, Ansible).

• Background working in an enterprise environment.

• A related technical degree required.

Preferred Qualifications

• Some relevant security certifications.

• Familiarity with compliance frameworks and standards like NIST, ISO 27001, SOC 2, and FedRAMP.

• Operational knowledge of Client operating systems like Windows, Linux, Mac, and mobile platforms.

Unleash Your Potential

When you join Salesforce, you'll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best, and our AI agents accelerate your impact so you can do your best. Together, we'll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future - but to redefine what's possible - for yourself, for AI, and the world.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that's inclusive, and free from discrimination. Know your rights: workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.