Description
Salesforce is seeking a Software Engineer (MTS) to design and build compliance automation on the Salesforce Platform within Product Security. This role is ideal for a Salesforce Platform Developer who wants to apply their craft to a high-leverage problem: turning regulatory compliance from a manual, evidence-chasing exercise into an engineered system of record, automated controls, and agent-driven workflows.
You will extend our Salesforce-native Security & GRC Platform with new objects, Apex services, Lightning experiences, and Agentforce-powered workflows. You will lead and support AI-enabled tooling development for compliance platforms, risk governance, design reviews, vulnerability management, bug bounty programs, and more.
Responsibilities
Design and build features on the Security & GRC Platform: Data model extensions, Apex services, triggers, Flows, LWCs, and integrations that operationalize CCF controls across our compliance tooling portfolio.
Implement automated control testing and evidence evaluation: Translate CCF and SFSS requirements into configurable, machine-executable specifications on the platform.
Architect Agentforce workflows: Build LLM-powered workflows for signal triage, root-cause analysis, evidence evaluation, and audit narrative generation grounded in our GRC data model.
Build platform integrations: Connect Security & GRC Platform with enterprise systems (SIEM, cloud providers, HRIS, ticketing, GUS) using Salesforce APIs, Platform Events, and Named Credentials.
Develop monitoring dashboards: Build Lightning experiences and CRM Analytics dashboards that surface real-time control health, compliance drift, and remediation status.
Own data model decisions: Design canonical controls data models, evidence lineage tracking, and semantic normalization—with ownership of schema, sharing rules, and performance.
Partner with audit and engineering: Validate control specifications, test logic, and evidence requirements against SOC 2, ISO 27001, and PCI DSS standards.
Required Qualifications
5+ years of Salesforce Platform development: Apex, SOQL/SOSL, Lightning Web Components, Flows, Platform Events, and Salesforce APIs (REST/SOAP/Bulk/Streaming)
Strong Apex and SOQL proficiency; working proficiency in SQL and Python for data engineering and integrations
Scalable platform design: Experience designing governor-limit-aware code, data models, and integration patterns (Named Credentials, External Services, async Apex)
Requirements translation: Demonstrated ability to translate complex compliance requirements into precise technical specifications and automated solutions
Data pipeline experience: Designing API integrations and ETL workflows to normalize data from multiple sources into canonical models
Compliance familiarity: Understanding of control testing, evidence collection, and audit requirements (SOC 2, ISO 27001, PCI DSS)—or strong appetite to learn
Ownership mindset: Take end-to-end responsibility for features and outcomes; proactively drive work forward and identify problems before they escalate
Technical excellence and collaboration: Software development background with strong engineering fundamentals; open information sharing, willingness to help teammates succeed, and constructive technical debate
Preferred Qualifications
Salesforce certifications: Platform Developer I/II, Application Architect, or System Architect
Experience with Agentforce, Einstein, or LLM frameworks integrated with Salesforce
Experience with compliance automation platforms (Vanta, ServiceNow GRC)
CRM Analytics / Tableau dashboard development for compliance reporting
DevOps on Salesforce: SFDX, source-driven development, CI/CD pipelines (Copado, GitHub Actions)
Compliance as Code (CaC) or policy-as-code engines (OPA, Checkov)
Cloud platform experience (AWS, GCP, Hyperforce) and their compliance/security primitives
Python development experience for automation scripts, integrations, and data engineering workflows
