Threat Management DevSecOps Engineer

at  Salesforce

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.
Job Category
Software Engineering
Job Details

ABOUT SALESFORCE

We’re Salesforce, the Customer Company, inspiring the future of business with AI+ Data +CRM. Leading with our core values, we help companies across every industry blaze new trails and connect with customers in a whole new way. And, we empower you to be a Trailblazer, too — driving your performance and career growth, charting new paths, and improving the state of the world. If you believe in business as the greatest platform for change and in companies doing well and doing good – you’ve come to the right place.
We are seeking skilled and experienced Security Engineers to join our DnR Threat Management Team in a high visibility and impact role for the initial migration, and long term management of our security information and event management (SIEM) infrastructure, data, and detection logic from Nirvana Splunk to Google Chronicle. In this role, you will be responsible for overseeing the log/data migration process, ensuring seamless integration of logs and maintaining the system’s performance and security posture, and the daily (ongoing) Development Security Operations of the Google Chronicle Platform (SIEM).

QUALIFICATIONS:

• Experience will be evaluated based on alignment to the core competencies for the role (e.g. extracurricular leadership roles, military experience, volunteer work, etc.)
• Min 5+ years of experience in information security, with a focus on security engineering and analysis.
• Hands-on experience with SIEM platforms.
• Strong understanding of security principles, threat detection techniques, and incident response procedures.
• Proficiency in scripting languages such as Python.
• Proficiency in coding Java or equivalent.
• Excellent communication skills, with the ability to effectively collaborate with cross-functional teams and communicate technical concepts to non-technical stakeholders.
• Adaptability and willingness to learn new technologies and methodologies in a fast-paced environment.
• If you are passionate about enhancing our organization’s security posture through effective migration and maintenance of security infrastructure, we encourage you to apply for this exciting opportunity.
• Salesforce is an equal opportunity employer and is committed to diversity in the workplace. We encourage applications from individuals of all backgrounds and experiences.
  Accommodations
  If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form .
  Posting Statement
  At Salesforce we believe that the business of business is to improve the state of our world. Each of us has a responsibility to drive Equality in our communities and workplaces. We are committed to creating a workforce that reflects society through inclusive programs and initiatives such as equal pay, employee resource groups, inclusive benefits, and more. Learn more about Equality at www.equality.com and explore our company benefits at www.salesforcebenefits.com .
  Salesforce is an Equal Employment Opportunity and Affirmative Action Employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Salesforce does not accept unsolicited headhunter and agency resumes. Salesforce will not pay any third-party agency or company that does not have a signed agreement with Salesforce .
  Salesforce welcomes all.

• Support the migration of SIEM infrastructure, logs, and detection logic from Nirvana Splunk to Chronicle, including data migration via common APIs, configuration setup, and integration with existing systems.
• Design and develop parsers for extracting structured data from log messages.
• Extend existing parsers to support new log formats or data sources.
• Collaborate with stakeholders to understand parsing requirements and ensure compatibility with existing systems.
• Test and validate parsers to ensure accuracy and efficiency.
• Document parser specifications and provide support for integration into the logging pipeline.
• Identify requirements for integrating new data sources or systems with the logging infrastructure.
• Develop custom connectors or plugins to ingest log data from diverse sources.
• Integrate third-party tools or services for enhanced log analysis and correlation.
• Conduct testing and validation of new integrations to ensure reliability and performance.
• Provide documentation and support for users utilizing new integrations.
• Identify opportunities for automation within the logging infrastructure and related processes.
• Develop scripts and workflows to automate repetitive tasks such as log ingestion, parsing, and analysis.
• Integrate logging tools and systems with other internal tools and platforms for seamless data exchange.