You are viewing a preview of this job. Log in or register to view more details about this job.

Enterprise Security Intern

Trust is the #1 value at Salesforce. Our Enterprise Security Advisory team secures our enterprise environment that serves our rapidly expanding workforce. We are a team of innovative security professionals who specialize in secure designs, threat modeling, penetration testing, and tool development.

In this role, you will partner closely with technology and business partners to understand their objectives, identify threats within applications and infrastructure, advise on secure best practices, and scale our enterprise security programs. You will collaborate with our Business and IT organizations and champion security requirements in the selection, development, and integration of a wide range of technologies. You will also have the opportunity to identify emerging threats and design new tools and processes that balance security and business agility across Salesforce.

Responsibilities:

Perform black-box penetration testing and code reviews of our flagship services, product offerings and partners apps.

Implement the technology organization's security and privacy initiatives by participating in design reviews and threat modeling.

Participate in our incident response and vulnerability remediation efforts.

Perform ground breaking applied research on new attacks and present new findings to both internal and external audiences.

Evaluate application security tools for internal consumption. Develop new automation and tooling to improve our detection and prevention capabilities.

Develop secure code practices and provide hands-on training to developers and quality engineers.

Minimum Qualifications:

Enrolled and working towards obtaining a BS/MS/PhD in Computer Science or related field. Please note that in order to be eligible for an internship, we require that you be returning to school the following quarter/semester to work towards completing your degree

Must be attending a College or University in North America

Basic knowledge of security concepts based on relevant courses, self-learning or past internships

Familiarity with identifying and protecting against web application and web service security vulnerabilities including those found in the OWASP Top 10 and CWE Top 25

Relevant development experience in these languages: Java, JavaScript, Python

Familiarity with application and network security

Attacker mentality: Passion for breaking all the things unbreakable

Preferred Qualifications:

Knowledge of force.com platform (Apex, VisualForce, Aura…) and the Salesforce application

Contributions to the security community such as research, public CVEs, bug-bounty recognitions, open-source projects, and blogs or publications

Familiarity with security tools such as static analysis, runtime analysis, black-box testing

Prior work experience in an application security role

For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.