Staff Security Software Engineer, Vulnerability Management (Software)

TL;DR

Staff Security Software Engineer, Vulnerability Management (Software): Building and maintaining systems and tooling to detect, track, and remediate security vulnerabilities across the organization with an accent on automating and scaling vulnerability management. Focus on tackling complex cross-functional challenges and raising the bar for how the team builds software.

Location: Georgia - Atlanta, Washington - Seattle, California - San Francisco

Salary: $164,000 - $313,700 annually. In select cities within the San Francisco and New York City metropolitan area, the base salary range for this role is $196,800 - $344,700 annually.

Company

Salesforce is the #1 AI CRM, where humans with agents drive customer success together.

What you will do

• Own the technical architecture and roadmap for vulnerability management tooling.
• Lead the design and development of high-quality, scalable engineering solutions.
• Drive integration strategy across vulnerability scanners, aggregation pipelines, and downstream systems.
• Define and evolve the metrics and reporting frameworks the team uses to measure program effectiveness.
• Partner with cross-functional stakeholders to embed security automation deeper into the development lifecycle.
• Provide technical mentorship, design reviews, and code reviews to engineers on the team.

Requirements

• U.S. Citizenship or Permanent Residency (Green Card holder). We are unable to provide visa sponsorship for this role.
• 8+ years of industry software engineering experience in security engineering, platform engineering, or infrastructure-adjacent domains.
• Deep proficiency in Python.
• Experience owning and delivering end-to-end engineering projects.
• Solid understanding of vulnerability management concepts.
• Experience building or maintaining integrations with security tooling.

Nice to have

• Hands-on experience with vulnerability management tooling such as Wiz, Tenable/Nessus, Twistlock, or similar products.
• Familiarity with compliance frameworks relevant to government or regulated environments, such as FedRAMP or DoD IL5/IL6.
• Experience working with large-scale vulnerability aggregation systems or homegrown data pipelines.
• Background in building automated remediation workflows.
• Experience with cloud environments (AWS, Azure, GCP) and containerized workloads at scale.

Culture & Benefits

• Benefits and resources support you to find balance and be your best.
• AI agents accelerate your impact so you can do your best.
• Equitable compensation practices that reflect the dynamic nature of labor markets across various regions.