This job has expired, please see additional jobs below
Director, Product Management - Product Defense
Salesforce
San Francisco, CA, United States
Job Details - this job has expired, please see similar jobs below
Products and Technology
Job Details
Salesforce Core Engineering powers all application development for Salesforce Tech, Marketing and Product with leading-edge services, tools, and frameworks. As the Product Manager on the Salesforce Product Defense team, you will lead teams that build the core security of the Salesforce platform. You will keep the #1 Customer Success Platform secure by leading and driving the next generation of web-based security defenses. Our ideal candidate is passionate about protection against web vulnerabilities, secure frameworks, proper access checks and cross-site scripting prevention.
Responsibilities:
• Own the product vision. Be an expert on the use cases, the domain, and the broader market. Evangelize the vision to your customers, your team, and your stakeholders.
• Collaborate with multiple security areas like Input Validation, Content Isolation, and Privilege validation/escalation to define innovative solutions that resolve and mitigate security vulnerabilities in customer applications
• Build and deliver a roadmap that excites customers and colleagues alike by building a well defined backlog.
• Manage and expand relationships between Product Security and Engineering teams to deliver innovative solutions to hard cloud security challenges in the ever changing threat landscape.
• Embrace a culture that measures and rewards customer adoption and success. Define what success means for everything you release, before it's built. Develop ways to consistently define and monitor success.
• Represent Salesforce as a domain and product expert in all customer interactions, including industry and corporate events.
• Work with Product Security Root Cause Analysis teams to identify and deliver solutions to address security issues.
Experience/Skills Required
• 5+ years of experience in Product Security
• 3+ years of product management experience preferred, or equivalent responsibilities
• Proven ability to promote a vision that excites and inspires a cross-functional technical team
• Be able to prioritize and balance based on initiatives, customer feedback, and stakeholders.
• Understanding of/and experience in protecting web applications against the OWASP Top Ten exploits, such as XSS, CSRF, SQL injection, etc.
• Self-motivated, entrepreneurial, detail-oriented, challenged by accountability, and passionately curious
• Strong organizational, written and oral communication skills
• Creative thinker who thrives on solving large amorphous problems
• Affinity for agile development methodologies
• Ability to handle multiple competing priorities in a fast-paced environment
• Past experience working on Cloud and SaaS technologies is a plus
Experience/Skills Desired:
• Knowledge on preventing web UI attacks like Clickjacking
• Familiarity with MITM attacks
• Understanding of web security policy mechanisms such as HSTS and Certificate Transparency
• Expertise in cross origin request management and related domain policy controls
• Working knowledge of TLS, certificate management, cryptography and key management
• Understanding of the TLS protocol and certificates as well as protocol attacks such as POODLE and Heartbleed
• Prior product security work in a Software as a Service platform
Posting Statement
Salesforce.com and Salesforce.org are Equal Employment Opportunity and Affirmative Action Employers. Qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender perception or identity, national origin, age, marital status, protected veteran status, or disability status. Headhunters and recruitment agencies may not submit resumes/CVs through this Web site or directly to managers. Salesforce.com and Salesforce.org do not accept unsolicited headhunter and agency resumes. Salesforce.com and Salesforce.org will not pay fees to any third-party agency or company that does not have a signed agreement with Salesforce.com or Salesforce.org.
Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.