Description
About the Team
Salesforce AI Platform, Offensive Security is a team dedicated to building a standard AI platform for use across all Offensive Security operations. Our mission is to accelerate security research and offensive workflows by providing the infrastructure, AI harness, and orchestration layers necessary to scale our capabilities.
Role Overview
We are looking for SMTS/MTS talent to join the Salesforce AI Platform, Offensive Security team, a specialized group operating at the intersection of offensive security and artificial intelligence. This is a deeply hands-on engineering role focused on building the underlying "AI harness" and platform infrastructure that powers our autonomous offensive security operations.
The ideal candidate is a backend-first engineer who excels at designing modular, extensible systems. While you will be working within the Offensive Security organization, your primary objective is to build the software and orchestration layers that allow security research to compound and scale. You will translate complex requirements into reliable, production-grade systems that reason over large data sources and execute multi-step workflows.
What You'll Do
Design & Orchestration: Build and maintain agent-based AI automation workflows and the core components of our security platform, including state management, memory strategies, and context handling.
Platform Development: Develop scalable backend services and APIs that integrate with existing internal & external data sources to gather signals on potential targets.
AI Integration: Implement and optimize tool interfaces and execution logic for LLM-based systems, ensuring predictable and observable behavior.
Collaborative Engineering: Work closely with security practitioners and researchers to ensure platform outputs are actionable, relevant, and grounded in real-world data.
Required Qualifications
Experience: 2+ years (MTS) or 5+ years (SMTS) of professional software engineering experience, with a strong focus on backend or platform development.
Technical Depth: Proven ability to build production-grade, modular, and extensible systems using languages like Python, Go, or Java (Language not a hard requirement).
System Design: Strong software engineering fundamentals, including experience with API integration, distributed services, and large-scale data ingestion.
Mindset: A "builder" mentality with the ability to reason about failure modes and edge cases in complex, semi-autonomous systems.
Communication: Ability to translate complex technical architectures into clear mental models for both technical and non-technical stakeholders.
Security Domain: Familiarity with offensive security concepts, red teaming, or vulnerability research is a plus but not required.
Preferred Skills (Optional but Highly Valued)
AI/ML Frameworks: Experience building with RAG (Retrieval-Augmented Generation), MCP (Model Context Protocol) servers, or Agent-to-Agent (A2A) orchestration frameworks.
Automation: Experience with workflow engines, signal correlation systems, or autonomous DAST/SAST tooling.
Advanced AI: Hands-on experience operationalizing LLMs beyond simple prompt-response use cases, including stateful memory and task decomposition.
