
Product Security Lead

Job in Bellevue, King County, Washington, 98009, USA
Listing for: salesforce.com, inc.
Full Time position
Listed on 2026-02-28
Job specializations:
  • IT/Tech
    Cybersecurity, Data Security, Systems Engineer
Salary/Wage Range or Industry Benchmark: 60000 - 80000 USD Yearly
Job Description & How to Apply Below

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Product

Job Details

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a buzzword - it's a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all.

Ready to level-up your career at the company leading workforce transformation in the agentic era? You're in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

We are looking for a Lead Penetration Testing Engineer to execute deep, high-impact penetration testing across our applications, platforms, cloud infrastructure, and enterprise environments, including AI-powered features and systems.

This role is highly technical and hands-on, with a strong focus on real exploitation, attack chaining, and risk impact, approached with a hacker mindset rather than checklist-driven testing. You will lead complex engagements end to end, ensuring findings are translated into concrete engineering improvements and mitigation.

In addition to execution, you will help shape the penetration testing strategy, scope engagements effectively, mentor other testers, and act as a trusted technical partner to engineering and security leadership.

Key Responsibilities

Lead and execute advanced penetration tests across:

  • Web applications and APIs
  • Cloud and hybrid infrastructure (Kubernetes, Docker, etc.)
  • Identity, authorization, and trust boundaries
  • Internal and external enterprise attack surfaces
  • AI / ML-enabled systems (e.g., LLM-backed applications, Agentic AI)

Identify, exploit and demonstrate realistic business and risk impact.

Perform advanced penetration testing activities, including:

  • Manual exploitation beyond automated tooling
  • Business logic and authorization abuse
  • Privilege escalation
  • Abuse of identity, access, and trust relationships
  • AI-specific offensive testing, including prompt injection, indirect prompt injection, and abuse of AI integrations

Own penetration testing engagements end-to-end via:

  • Scoping
  • Test execution
  • Risk assessment and prioritization
  • Clear reporting and remediation guidance

Develop deep technical understanding of systems and products to uncover systemic weaknesses, not just isolated bugs, including weaknesses introduced by AI-driven components.

Partner closely with:

  • Engineering teams to explain root causes and exploitation paths
  • Security architects and AppSec teams to influence design and guardrails
  • Detection & Response teams where findings have monitoring or alerting implications

Produce high-quality, technically detailed reports that clearly explain the exploitation path, missing or lacking security controls, and mitigation solutions.

Contribute to tooling, automation, and testing frameworks where it improves scale or consistency (without replacing deep manual testing).

Required Qualifications

  • Deep hands-on experience in penetration testing, offensive security, or application security testing.
  • 5+ years of experience in penetration testing, offensive security, and vulnerability research.
  • Proven experience leading complex penetration testing engagements in production or production-like environments.

Strong understanding of:

  • Application security vulnerabilities and attack chains
  • Identity and access control failures
  • Cloud security and hybrid environments
  • Common defensive controls and their real-world limitations
  • Security risks specific to AI and LLM-based systems

Hands-on experience with:

  • Manual exploitation and vulnerability chaining
  • Custom scripts, payloads, or proof-of-concept development
  • Advanced use (and limitation awareness) of automated testing tools
  • Testing AI-powered applications and APIs

Ability to clearly articulate:

  • Exploitation mechanics and impact
  • Risk in business and engineering terms
  • Practical, prioritized remediation strategies

Strong communication skills and experience working directly with engineers, security teams,…
