Note: The job is a remote job and is open to candidates in USA. Salesforce is the #1 AI CRM, where humans with agents drive customer success together. They are seeking a Senior Offensive Security Engineer (Red Team) to execute advanced offensive security operations, design real-world adversary simulations, and improve security capabilities across the organization.
Responsibilities
- Execute hands-on red team operations simulating real-world threat actors across applications, platforms, cloud infrastructure, and enterprise environments
- Identify, exploit, and chain high-impact vulnerabilities and weaknesses to achieve defined attacker goals
- Perform advanced offensive activities, including:
- Manual exploitation and attack chaining
- Abuse of identity, authorization, and trust relationships
- Bypassing security controls and detections
- Contribute to the design and execution of end-to-end attack campaigns under the guidance of the Red Team Director
- Develop a deep understanding of products and systems through the lens of adversary abuse and exploitation
- Collaborate closely with:
- Detection & Response teams to test alerts, visibility, and response workflows
- Incident Response teams during simulated incidents
- Engineering and platform teams to explain exploitation paths and root causes
- Produce clear, technically detailed findings that translate into actionable remediation guidance
- Contribute to tooling, automation, and tradecraft improvements, including collaboration with the AI-Automation team
- Share knowledge and mentor junior red team engineers, helping raise overall tradecraft quality
Skills
- Deep hands-on experience in offensive security, red teaming, or high-impact penetration testing
- Proven experience executing complex offensive engagements in production-like environments
- Strong understanding of adversary tactics, techniques, and procedures (TTPs)
- Strong understanding of identity and access abuse
- Strong understanding of application and infrastructure attack chains
- Strong understanding of cloud and hybrid enterprise attack surfaces
- Hands-on experience with manual exploitation and attack chaining
- Hands-on experience with writing custom scripts, tooling, or payloads
- Hands-on experience with bypassing security controls and detections
- Ability to clearly articulate how attacks were performed
- Ability to clearly articulate why defenses failed
- Ability to clearly articulate what mitigations will meaningfully reduce risk
- Strong communication skills and experience collaborating with security and engineering teams
Benefits
- Time off programs
- Medical
- Dental
- Vision
- Mental health support
- Paid parental leave
- Life and disability insurance
- 401(k)
- Employee stock purchasing program
Company Overview
Company H1B Sponsorship