About this role
Senior Enterprise Security Engineer focusing on Pen Testing across Salesforce's environments. Performs full-stack security assessments, threat modeling, and supports secure development lifecycle across cloud and on-premises components.
Key Responsibilities
- Perform full stack security assessments across environments
- Threat model attacker methods
- Develop automated tooling for scalable security
- Collaborate with engineering teams for secure SDLC
- Define and develop security standards
Technical Overview
Scope includes web apps, OS and hardware, network, authentication services, and public cloud platforms (AWS, GCP, Azure) with tools Burp Suite, Nexpose, Nessus, Metasploit, Nmap; coding reviews in Java/JavaScript/Python; cloud design using Terraform; security standards and automation.
Ideal Candidate
The ideal candidate is a mid- to senior-level security engineer with 2-4 years in application and network security, strong pen-testing capabilities across web and cloud, and hands-on with common assessment tools. They should have cloud experience in AWS/Azure/GCP, programming skills in Java/JavaScript/Python, and strong communication to partner with teams.
Must-Have Skills
2-4 years of security experience (application and network securitypenetration testing)Hands-on security assessments using Burp SuiteNexposeNessusMetasploitNmapManual and tool-assisted code reviews (JavaJavaScriptPython)Cloud security experience (AWSAzureGoogle Cloud)Related technical degreeExcellent communication skills
Nice-to-Have Skills
Scripting in BashPowerShellPythonJavaJavaScript/Node.jsSecurity certifications: OSCPOSEPGCIHGCIAGPENGWAPTGMOBGPPACCNPCCNP SecurityCCIE SecurityKnowledge of Salesforce platform security
Tools & Platforms
Burp SuiteNexposeNessusMetasploitNmapAmazon Web ServicesGoogle Cloud PlatformAzureTerraformSAMLOAuthRadiusKerberos
Required Skills
2-4 years of security experience (application and network security)hands-on security assessments with Burp SuiteNexposeNessusMetasploitNmap; code reviews in Java/JavaScript/Python; cloud security in AWS/Azure/Google Cloud; related technical degree; excellent communication
Hard Skills
Burp SuiteNexposeNessusMetasploitNmapJavaJavaScriptPythonAmazon Web ServicesGoogle Cloud PlatformAzureTerraformSAMLOAuthRadiusKerberosThreat modelingSecure Development LifecycleCode reviews
Soft Skills
Excellent communicationTeam collaborationCollaboration with diverse stakeholdersProblem-solvingInterpersonal skillsAdaptability
Certifications
Required
OSCPOSEPGCIHGCIAGPENGWAPTGMOBGPPACCNPCCNP SecurityCCIE Security
Preferred
OSCPOSEPGCIHGCIAGPENGWAPTGMOBGPPACCNPCCNP SecurityCCIE Security
Keywords for Your Resume
enterprise security engineerpenetration testersecurity engineersecurity assessmentsweb applicationssamloauthkerberosawsamazon web servicesgoogle cloud platformazureterraformburp suitenessusmetasploitnmapjavajavascriptpythoncloud securitysecure development lifecyclecode reviewsthreat modelingoscposepgcihgciagpengwaptgmobgppaccnpccnp securityccie securityBurp SuiteNessusMetasploitAmazon Web ServicesGoogle Cloud PlatformAzureJavaPythonSAMLThreat modeling
Deal Breakers
No Bachelor's degree in a related technical field, Less than 2 years of security experience, Lack of hands-on Burp Suite/Nessus/Metasploit/Nmap experience, Lack of cloud experience (AWS/Azure/GCP)
Get matched to jobs like this
Luna finds roles that fit your skills and career goals — no endless scrolling required.
Create a Free Profile