Salesforce Security Engineer

Salesforce Security Engineer

Salary : £85,000

Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible)

We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering.

You'll play a critical role in enhancing the security posture of our Salesforce platform-contributing directly to secure code practices, threat modelling, and security testing across our CI/CD pipeline.

This role is ideal for someone with engineering roots who has evolved into the security space and is passionate about improving security maturity in modern DevSecOps environments.

What You'll Do

• Lead and contribute to the security engineering of our Salesforce platform especially in the context of APEX code, API design, and secure development lifecycle.
• Apply the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity.
• Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns.
• Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle.
• Perform and refine security tests across APIs and applications within the Salesforce environment.
• Work collaboratively with platform engineers, developers, and the broader infosec team to embed security by design.
• Advise on approaches to code signing, policy enforcement, and change validation in a distributed Salesforce landscape.
• Explore and address the unique challenges of securing a Salesforce-first architecture, integrated across the broader estate.

What You Bring

• Hands-on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect.
• Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments.
• Exposure to or working knowledge of DSOMM, OWASP, and threat modelling methodologies.
• Experience integrating security into CI/CD pipelines, especially in complex enterprise platforms.
• Ability to approach platform security from an engineering-first mindset, not just compliance.
• Confident communicator who can translate technical security needs into engineering requirements.

If you're ready to play a key role in a transformative digital journey and have the expertise to lead high-performing engineering teams, we'd love to hear from you! Click "Apply" Or Email lauren.hamer@oliverjames.com