Search 
jobs
Explore 
companies
My job alerts

Product Security Principal

Airkit

Airkit

Product
San Francisco, CA, USA
Posted on Dec 7, 2025
Apply now

Description

Job Title: Foundations Security Engineer - Principal Security Engineer

About the Role

Are you a visionary security leader passionate about shaping the security posture of critical cloud infrastructure and developer tooling at an enterprise scale? As a Lead or Principal Security Engineer within the Product Security Foundations team, you will be the driving force behind safeguarding Salesforce's foundational systems. In this highly impactful role, you will leverage your deep expertise in public cloud security (AWS and GCP) to drive risk reduction initiatives, fortify our cloud substrate configurations, and secure services deployed across our multi-cloud environment. Your expertise will be crucial in securing cloud infrastructure, including AWS and GCP substrate configurations and services deployed there. Additionally, you will apply your security leadership to fortify our build infrastructure services, including CI/CD pipelines and Source Code Management (SCMs), ensuring the integrity and security of our development processes. This is a unique opportunity to lead strategic security initiatives, discover and remediate systemic risks, and mentor other engineers, directly contributing to the security posture of one of the world's leading enterprise cloud companies.

Your Impact - Responsibilities

  • Lead Cloud Security Strategy: Architect, and drive security best practices across Salesforce's extensive public cloud infrastructure (AWS and GCP), ensuring robust configurations and secure deployments of critical services.

  • Systemic Risk Discovery, Remediation & Secure Cloud Substrate: Conduct in-depth security assessments to identify systemic vulnerabilities and recommend effective, scalable remediation strategies that span across our cloud ecosystem and product offerings. Deep dive into public cloud substrate configurations, ensuring the highest level of security for underlying infrastructure components and services.

  • Fortify Developer Infrastructure: Architect, and drive robust security controls for our essential Developer Infrastructure, including critical CI/CD pipelines, artifact repositories, and Source Code Management (SCM) systems, to maintain the integrity and security of our development processes.

  • Drive Security Innovation: Lead the research, evaluation, and adoption of cutting-edge security technologies and methodologies, driving the implementation of innovative solutions that significantly enhance Salesforce's overall security posture.

  • Cross-Functional Collaboration: Partner closely with engineering, operations, and product teams to embed security early in the development lifecycle and ensure security requirements are met.

  • Incident Response & Prevention: Contribute to incident response efforts related to cloud and infrastructure security, focusing on root cause analysis and implementing preventative measures.

Minimum Requirements

  • Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field. Equivalent experience may be considered.

  • 10+ years of experience in security engineering, with a significant portion focused on cloud security in large-scale enterprise environments.

  • Deep expertise in public cloud security across both AWS and GCP, including strong understanding of their security services, architecture, and best practices (e.g., IAM, network security, data encryption, compliance, configuration management).

  • Proven ability to identify, analyze, and drive the remediation of systemic security vulnerabilities and risks across complex systems.

  • Strong understanding of developer infrastructure security, including CI/CD pipelines, artifact repositories, and Source Code Management (SCM) systems.

  • Demonstrated ability to define clear, strategic roadmaps for discovering and mitigating security risks, seeing the "big picture" and translating it into actionable plans.

  • Exceptional communication and interpersonal skills, with a proven ability to influence and collaborate effectively with diverse stakeholders, including product teams, engineering teams, and senior executives.

  • Experience with security automation, scripting (e.g., Python, Go), and infrastructure as code (IaC) principles.

  • A proactive mindset with a strong sense of ownership and accountability.

  • Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent practical experience.

Preferred Qualifications

  • Experience demonstrating leadership in solving complex security challenges.

  • Relevant industry certifications (e.g., AWS Certified Security - Specialty, GCP Professional Cloud Security Engineer, CISSP).

For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.

Apply now
See more open positions at Airkit
Privacy policyCookie policy