Senior Offensive Security Engineer (Red Team)
About The Position
Salesforce is seeking a Senior Offensive Security Engineer (Red Team) with a strong, hands-on attacker mindset to execute advanced offensive security operations across its products, platforms, and enterprise environment. This role is highly execution-focused. The engineer will work closely with the Red Team Director to design and carry out real-world adversary simulations, uncover high-impact attack paths, and validate how weaknesses can be chained to achieve meaningful attacker objectives. The emphasis is on real exploitation, depth, and impact, not checklist-driven testing. The role is key in translating red team operations into actionable insights that improve prevention, detection, and response capabilities across the organization.
Requirements
- Deep hands-on experience in offensive security, red teaming, or high-impact penetration testing.
- Proven experience executing complex offensive engagements in production-like environments.
- Strong understanding of: Adversary tactics, techniques, and procedures (TTPs), Identity and access abuse, Application and infrastructure attack chains, Cloud and hybrid enterprise attack surfaces.
- Hands-on experience with: Manual exploitation and attack chaining, Writing custom scripts, tooling, or payloads, Bypassing security controls and detections.
- Ability to clearly articulate: How attacks were performed, Why defenses failed, What mitigations will meaningfully reduce risk.
- Strong communication skills and experience collaborating with security and engineering teams.
Responsibilities
- Execute hands-on red team operations simulating real-world threat actors across applications, platforms, cloud infrastructure, and enterprise environments.
- Identify, exploit, and chain high-impact vulnerabilities and weaknesses to achieve defined attacker goals.
- Perform advanced offensive activities, including: Manual exploitation and attack chaining, Abuse of identity, authorization, and trust relationships, Bypassing security controls and detections.
- Contribute to the design and execution of end-to-end attack campaigns under the guidance of the Red Team Director.
- Develop a deep understanding of products and systems through the lens of adversary abuse and exploitation.
- Collaborate closely with Detection & Response teams to test alerts, visibility, and response workflows.
- Collaborate with Incident Response teams during simulated incidents.
- Collaborate with Engineering and platform teams to explain exploitation paths and root causes.
- Produce clear, technically detailed findings that translate into actionable remediation guidance.
- Contribute to tooling, automation, and tradecraft improvements, including collaboration with the AI-Automation team.
- Share knowledge and mentor junior red team engineers, helping raise overall tradecraft quality.
Benefits
- time off programs
- medical
- dental
- vision
- mental health support
- paid parental leave
- life and disability insurance
- 401(k)
- employee stock purchasing program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Senior
Education Level
No Education Listed
