Sr. Security Software Engineer, Vulnerability Management - Slack

Overview

Senior Software Engineer – Vulnerability Management. Build and maintain systems and tooling to detect, track, and remediate security vulnerabilities across the organization. Drive technical strategy to automate and scale vulnerability management and collaborate with security engineers, product teams, and infrastructure partners to address cross-functional challenges.

• Contribute to the technical architecture for vulnerability management tooling, including systems that automate identification, prioritization, tracking, and remediation of vulnerabilities across diverse ecosystems and environments.
• Design and develop high-quality, scalable engineering solutions balancing long-term maintainability with the needs of a fast-moving security organization.
• Drive integration strategy across vulnerability scanners, aggregation pipelines, and downstream systems; make principled decisions about data ownership, tool consolidation, and signal quality.
• Partner with cross-functional stakeholders including infrastructure, platform engineering, and product security teams to embed security automation deeper into the development lifecycle.
• Identify systemic gaps and high-priority problems spanning team boundaries; propose solutions and drive them to completion with or without direct authority.

• U.S. Citizenship or Permanent Residency (Green Card holder). We are unable to provide visa sponsorship for this role.
• 6+ years of industry software engineering experience, with meaningful time in security engineering, platform engineering, or infrastructure-adjacent domains.
• Deep proficiency in Python with a track record of production-grade, tested, maintainable code in complex systems.
• Experience owning and delivering end-to-end engineering projects from design through production deployment and ongoing operation.
• Solid understanding of vulnerability management concepts, including discovery, classification, prioritization, and remediation in enterprise environments.
• Experience building or maintaining integrations with security tooling such as vulnerability scanners, SIEMs, or similar platforms.
• Comfort with CI/CD pipelines, version control workflows, and modern software delivery practices.
• Experience communicating technical concepts clearly to engineers and non-technical stakeholders.
• Strong judgment in the face of ambiguity and a track record of asking the right questions before building.

• Hands-on experience with vulnerability management tooling (e.g., Wiz, Tenable/Nessus, Twistlock) in cloud or containerized environments.
• Familiarity with compliance frameworks (e.g., FedRAMP, DoD IL5/IL6).
• Experience with large-scale vulnerability aggregation systems or data pipelines that normalize findings across scanners.
• Experience building automated remediation workflows (e.g., automated PRs for dependency vulnerabilities, patch orchestration across ecosystems).
• Experience with cloud environments (AWS, Azure, GCP) and containerized workloads at scale.
• Contributions to open-source projects, published research, or conference talks in security or software.

Unleash Your Potential. You’ll have access to benefits and resources to achieve balance and maximize impact, including AI-enabled tools to accelerate your contributions. Salesforce provides a range of benefits related to time off, health, and financial security.

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, disability, veteran status, or other legally protected classifications. Details about compensation and benefits are provided as part of the applicant process where applicable.