The Experience
Salesforce Enterprise Security is hiring a Senior and Lead Security Engineer for our Secure AI team to help assess and maintain the security of using AI tooling securely.
In this role, you will partner with business stakeholders and technology partners to assess and maintain the security of AI tooling, ensuring they meet or exceed Salesforce security requirements when deploying AI at scale. You will have the opportunity to identify emerging threats, design new processes that balance security and business agility, and share your expertise through internal events, conferences, and published research.
What You'll Actually Be Doing
Lead by performing in-depth and high-quality security assessments of emerging technology (AI tooling, agentic platforms, etc.) including architecture and design reviews, code reviews, and penetration tests.
Provide guidance to team members and prospective suppliers on Salesforce security requirements including remediation advice and potential feature enhancements.
Threat model common attacker methods to develop appropriate mitigation techniques, providing guidance that balances security requirements with functional requirements.
Develop automated processes and support improvement of tooling to identify and solve problems at scale.
Collaborate with engineering teams and business partners to drive solutions through a secure development lifecycle. Ideally would have development background.
Define and develop technical security standards and guidelines with business partners.
Research new technologies, emerging threats, and vulnerabilities for strategic planning and process improvements.
Use your writing and presentation skills to communicate at all levels in the organizations.
Possess the ability to communicate concisely, clearly, and intelligently to partners from a variety of backgrounds, including those who are non-technical.
You're Our Person If...
8+ years of experience in a security role
Experience with large language models (LLMs) and agentic systems — building, evaluating, or securing them
Familiarity with AI security attack surfaces including prompt injection, data exfiltration, privilege escalation in agents, and model supply chain risks
Excellent interpersonal, collaboration, critical-thinking, and communication skills
A related technical degree required
Even Better If...
Understanding of RAG architectures, classifier models, and how retrieval and generation pipelines work
Familiarity with security frameworks and certifications such as ISO 27001, SOC 2, PCI DSS, OWASP Top 10, CWE Top 25, and MITRE ATT&CK
Relevant BA/BS degree and/or certifications such as CRISC, CISSP, CCIE, CISM, CISA, or CCSK
Experience defining and communicating security remediation tasks to project and data owners
Based on 1,612 disclosed Security salaries on RoleSuite, the role pays a median of $142K/year, with most offers between $114K and $184K (10th–90th percentile: $92K–$219K).
See the full Security salary breakdown →