Lead Security Automation Engineer

Salesforce
San Francisco, CA
76d
$200,800 - $276,100

About The Position

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a buzzword — it's a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all. Ready to level-up your career at the company leading workforce transformation in the agentic era? You're in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

Salesforce has one of the best Information Security teams in the world and growing this piece of the business is a top priority! Trust and security are Salesforce's number one value as a company. We are seeking a highly skilled and experienced Lead Member of Technical Staff (LMTS) to join our team and serve as the technical owner of the Security Information and Event Management (SIEM) platform. This role is pivotal in establishing the SIEM as the 'secure, reliable, and efficient cornerstone' of our security operations. You will be responsible for fundamentally transforming our ability to rapidly detect, prioritize, and automate responses to high-fidelity security incidents by addressing current pain points such as fragmented operations, pervasive data quality issues, and high Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR) metrics.

The ideal candidate will have extensive hands-on experience in managing and operating large-scale enterprise security platforms, with a strong focus on data ingestion, system reliability, and automation. This is a strategic role that requires a blend of deep technical expertise, strong problem-solving skills, and the ability to drive change in a complex environment. The role also calls for a strong desire and demonstrated ability to apply transferable engineering skillsets to assist the broader team with other development needs as they arise. This includes the flexibility to step up and provide support in other engineering areas, helping to resolve roadblocks and contribute to the overall technical success of the organization.

Requirements

  • Proven experience in a senior technical role (e.g., LMTS) managing and operating security platforms in a large-scale enterprise environment.
  • Deep expertise with SIEM solutions, including direct, hands-on experience with CrowdStrike, Splunk, or Google Chronicle.
  • Strong understanding of data pipelines, including log ingestion from various sources (APIs, SQS, S3, SaaS platforms).
  • Experience with building observability services and monitoring key platform health metrics.
  • Demonstrated ability to drive change and automate processes, reducing manual effort and improving operational efficiency.
  • Experience with user access management and RBAC, particularly with SCIM-based access control.

Responsibilities

  • Serve as the primary technical point of contact for the SIEM platform.
  • Manage vendor relationships, including coordinating new feature enablement, tracking bugs, and holding the vendor accountable for system stability and availability.
  • Enforce a rigorous 'safe change' process to achieve 'zero manual changes' by routing all administrative actions through auditable, internal processes.
  • Act as the 'ultimate gatekeeper for the quality of data' within the NG-SIEM.
  • Define and enforce strict SIEM ingestion requirements, including format and enrichment processes, to ensure high-quality, structured, and contextualized log data.
  • Manage direct integrations from SaaS applications and other log sources, such as SQS and S3, to eliminate intermediate data hops and improve fidelity.
  • Oversee the availability and performance of the vendor SaaS platform, with a target uptime of 99.9%.
  • Build and maintain supporting services to monitor and alert on key metrics, including end-to-end log ingestion pipeline health, data freshness, data ingestion rate, and deviation from ingestion time.
  • Develop and implement services to automate platform changes and streamline processes.
  • Manage the full lifecycle of new feature enablement, from proof of concept and validation to controlled rollout.
  • Participate in on-call duties for platform-related incidents, ensuring timely remediation and documenting corrective actions.
  • Lead the team in making key architectural decisions and participate in design reviews.
  • Conduct code reviews to enforce best practices and ensure the delivery of high-quality, production-ready features.
  • Define and optimize workflows and processes to improve efficiency and reduce waste across our security operations.

Benefits

  • Time off programs
  • Medical, dental, vision
  • Mental health support
  • Paid parental leave
  • Life and disability insurance
  • 401(k)
  • Employee stock purchasing program