Description
Role Overview
We are looking for an experienced cyber security expert who will serve as Red Team Director with a deep hands-on offensive security mindset to lead and execute real-world adversary simulations across our products, platforms, and enterprise environment.
This role goes beyond Red Team exercises or reporting findings, you will actively uncover weaknesses in our products and features and use them as pivotal entry points to demonstrate how attackers can move from product abuse to broader platform, customer, or enterprise compromise, driving measurable improvements in security controls and Detection & Response capabilities.
You will lead and participate in red team operations, work as a trusted partner to engineering and Detection & Response teams to measurably raise the organization’s security resilience against real attack scenarios.
Key Responsibilities
Lead and Execute hands-on Red Team operations simulating real-world threat actors across applications, platforms, cloud infrastructure, and enterprise environments.
Deeply understand our products through the lens of adversary abuse and exploitation
Design and conduct attack campaigns, emulating various attack scenarios.
Focus on high-impact weaknesses and chained vulnerabilities to achieve goals.
-
Actively perform offensive activities, including:
Engage with the AI-Automation team to develop sophisticated tools and frameworks.
Manual exploitation and chaining of weaknesses.
Abuse of identity, authorization, and trust relationships.
-
Drive Adversary-Centric thinking by:
Simulating realistic attacker objectives towards Salesforce and constraints
Prioritizing paths that lead to meaningful business impact
-
Partner with:
Detection & Response teams to test and improve visibility, alerts, and response metrics
Incident Response teams to evaluate containment and recovery effectiveness
Engineering and platform teams to explain exploitation paths and root causes
Reporting that will reflect a clear, actionable remediation guidance that improves security at scale.
-
Influence security strategy by:
Identifying recurring attack paths and systemic gaps
Recommending architectural, platform, and process-level improvements
Upskill Red Team operators and offensive security engineers, raising operational maturity and tradecraft quality.
Required Qualifications
Deep expertise in Offensive Security, Red Teaming/High Impact Pentesting, with a strong attacker mindset.
Proven personal experience executing Red Team/High Impact Pentesting engagements.
-
Strong understanding of:
Adversary tactics, techniques, and procedures (TTPs)
Identity and access abuse
Application/infrastructure attack kill chains
Cloud and hybrid enterprise attack surfaces
-
Hands-on experience with:
Manual/Automatic exploitation and attack chaining
Writing custom tooling, scripting, or payload development
Bypassing security controls and detections
-
Ability to clearly articulate:
How attacks work
Why defenses failed
What changes will meaningfully reduce risk
Communication skills and experience collaborating with security and engineering teams
Preferred Qualifications (Advantage)
Experience running Red Team Operations, Cyber-Research, and/or High impact Pentesting.
Research & Disclosure and Track record of discovering and responsibly disclosing security vulnerabilities through CVEs, Publications, Blogs or event Talks/Presentations
Malware analysis experience with practical real-world threat actor knowledge
Background in threat simulation, adversary emulation, or breach-and-attack methodologies.
Experience improving Detection & Response through Red/Purple team collaboration.
Familiarity with cloud architectures, identity, security models, and large systems.
For roles in San Francisco and Los Angeles: Pursuant to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records.