Salesforce Security Engineer
Job Description
A Salesforce Security Engineer role at Amazon Web Services, based onsite in Dallas, TX, offering a salary range of USD 159,300 to 202,400 per year. The position focuses on securing Salesforce deployments through automated security scanning, detections, and guidance to reduce risk.
Responsibilities
- Develop and maintain automated security scanning and evaluation tools that verify Salesforce org configurations against defined security standards.
- Leverage deep Salesforce platform knowledge to identify security risks in profiles, permission sets, sharing rules, connected apps, session settings, and custom Apex code.
- Create detections for configuration changes that introduce security risk and implement escalation workflows to route findings to appropriate owners.
- Collaborate with service owners to interpret security findings, prioritize remediation, and implement secure configurations within their Salesforce environments.
- Write and refine security evaluations that measure operational maturity across the Salesforce fleet.
- Develop customer‑facing guidance, documentation, and training to help service owners resolve Salesforce security findings independently.
- Work with Amazon enterprise security teams to translate security requirements into Salesforce‑specific implementation patterns.
- Remain current with Salesforce platform releases, AI innovations, and security features, assessing their impact on Amazon’s security posture and updating tooling accordingly.
- Support other teams conducting security reviews, vulnerability analysis, and incident response when Salesforce expertise is required.
Requirements
- 2+ years of scripting, programming, and security code review in a common programming language (non‑internship) experience
- 2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non‑internship) experience
- Bachelor’s degree in a STEM field (Science, Technology, Engineering, Mathematics) or equivalent IT security experience
- Knowledge of networking protocols such as HTTP, DNS, and TCP/IP
- Experience using Salesforce
Technologies
- Salesforce, SOQL, Apex
- Salesforce platform APIs, OAuth, SAML, SSO
- Connected apps, Named credentials
- AWS infrastructure
Benefits
- Health insurance including medical, dental, vision, prescription, Basic Life & AD&D, with the option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, and Adoption/Surrogacy Reimbursement
- 401(k) matching
- Paid time off
- Parental leave
- Sign‑on payments and restricted stock units (RSUs)
Preferred Qualifications
- 2+ years of any combination of threat modeling, secure coding, identity management and authentication, software development, cryptography, system administration, and network security
- Knowledge of command line tools to troubleshoot protocols, analyze logs, or automate basic tasks
- Experience with AWS products and services
- Experience performing security activities across one or more SDLC phases, such as security design review, threat modeling, secure code review, and security testing
- 4+ years of hands-on Salesforce platform experience, including administration, security configuration, and development
- Proficiency in SOQL for data extraction and security detection, with working knowledge of Salesforce metadata schema and platform APIs