Product Security Associate (College Grad)

Salesforce•Bellevue, WA

9d•$108,000 - $146,000

About The Position

About Salesforce Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn’t a buzzword — it’s a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all. Ready to level-up your career at the company leading workforce transformation in the agentic era? You’re in the right place! Agentforce is the future of AI, and you are the future of Salesforce. As a Product Security Associate, you will play a vital role in ensuring the integrity and security of our software and Build ecosystem. This role is designed for a technically proficient engineer who is passionate about building security into the foundations of the Software Development Lifecycle rather than treating it as an afterthought. You will work across modern build systems, cloud environments, AI coding tools and infrastructure and the security around them, to protect company data and assets.

Requirements

Linux/Unix Systems: Foundational knowledge of Linux environments, including command-line proficiency, file system security, and process management.
Programming & Scripting: Ability to read and write code in at least one major language (e.g., Python, Go, JavaScript…). You should be comfortable performing basic code reviews for security logic.
Build Systems: Understanding of how code moves from a developer’s machine to production, including experience with containerization (Docker/Kubernetes).
Networking Fundamentals: Understanding of core networking concepts such as TCP/IP, DNS, TLS/SSL, and how they apply to securing distributed software systems.
Cloud Foundations: Familiarity with at least one major cloud provider and an understanding of “Infrastructure as Code” (Terraform or CloudFormation).
Strong background in Computer Science or a related engineering discipline
Must be located in North America
Academic, professional or internship experience working in a professional engineering or cybersecurity environment
Fluency in software coding and code reviews

Nice To Haves

Knowledge of application and cloud security
Knowledge of securing AI systems
Knowledge with CI/CD pipelines
Knowledge of Linux

Responsibilities

Secure SDLC Integration: Collaborate with engineering teams to integrate security checkpoints into the Software Development Life Cycle (SDLC) without slowing down the pace of innovation.
Pipeline & Build Security: Harden CI/CD pipelines (e.g., Jenkins, GitHub Actions) to prevent unauthorized code injection and ensure the integrity of build artifacts.
Software Supply Chain Defense: Monitor and secure the software supply chain by verifying third-party dependencies, managing Software Bill of Materials (SBOMs), and implementing provenance checks.
Cloud Infrastructure Security: Assist in securing cloud-native environments (AWS/GCP/Azure), focusing on resource configuration and secure deployment patterns.
AI Security & Governance: Evaluate and secure the use of AI coding assistants and LLM-integrated development tools, ensuring they adhere to secure coding standards and do not introduce risks of data leakage.
Automation & Tooling: Write scripts and basic applications to automate repetitive security tasks and integrate security tooling directly into developer workflows.