Senior Staff Software Engineer, Security - Slack

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to avoid duplicating efforts.

Software Engineering

About Salesforce

We're Salesforce, the Customer Company, inspiring the future of business with AI, Data, and CRM. We help companies across industries blaze new trails and connect with customers in innovative ways, empowering you to be a Trailblazer in your career and personal growth. If you believe in business as a platform for positive change, you're in the right place.

Our security team upholds Slack's mission: make people's working lives more secure. We focus on protecting our infrastructure, operations, and customer data, adopting a systemic approach to security with a low friction, high-impact model.

Slack Security Engineering is hiring a curious Senior Staff-level Blue Team Software Engineer to enhance our threat detection and collaborate on development efforts. A passion for development, operations, curiosity, and a desire to learn are key.

You will work directly with the Slack Security Engineering team, focusing on threat detection, logging, and remediation, aiming to maintain comprehensive records of actions taken to address unknowns.

Experience in Data Science/ML is preferred, starting with simple ML models for anomaly detection and evolving towards using LLMs for alerting and classification models to generate sophisticated alerts and feedback loops.

The ideal candidate is passionate about identifying IOCs and developing new detection features. Experience with APT tradecraft and threat intelligence is a plus.

The team comprises multidisciplinary engineers skilled in Go, Python, and scaling Elasticsearch, with a cautious approach to AI adoption, utilizing modern AI tools like Cursor.

This role supports our US-based, distributed SecOps team, collaborating closely with teams in Melbourne and Auckland. Regular communication via Slack and Zoom is expected, along with participation in on-call rotations and broader engineering initiatives.

We value a positive, diverse, and supportive culture, seeking curious, inventive, and continuously improving individuals who are collaborative and humble.

• Identify and develop features and roadmaps to enhance tools protecting Slack's infrastructure and improve security and productivity.
• Detect threats and contribute to Slack's security posture.
• Develop eBPF tooling and author detections.
• Scale and operate infrastructure managing millions of events per second.
• Respond to incidents in our on-call rotation and investigate potential threats.

• Curiosity and creativity — a desire to understand why incidents happen.
• A drive to empower colleagues and produce maintainable, high-quality solutions.
• Motivation to solve problems thoroughly, not just patch issues.
• Eagerness to collaborate across teams and foster an inclusive environment.
• Broad knowledge of security concepts like MFA, Zero Trust, secrets management.

• Proficiency with AWS or other cloud providers.
• Experience with Elasticsearch/Kibana or Google Chronicle/SecOps.

If you need assistance due to a disability, please submit a request via the Accommodations Request Form.

Salesforce is an equal opportunity employer committed to diversity and inclusion. We evaluate all candidates based on merit, qualifications, and experience, without discrimination based on protected characteristics. We consider qualified applicants with arrest and conviction records in accordance with applicable laws.

Salary ranges vary by location: $230,700 to $351,800 for Washington, and $251,900 to $384,100 for California. Compensation includes salary, incentives, equity, and benefits. More info: salesforcebenefits.com.