Salesforce Security Engineer, Salesforce Success Central

Amazon.com, Inc.
Dallas, United States of America
7 days ago

Role details

Contract type
Internship / Graduate position
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 202K

Job location

Dallas, United States of America

Tech stack

API
Artificial Intelligence
Amazon Web Services (AWS)
User Authentication
Command-Line Interface
Software as a Service
Code Review
Computer Security
Computer Programming
Data Mining
DNS
Hypertext Transfer Protocols (HTTP)
Identity and Access Management
Intrusion Detection and Prevention
Network Security
Network Protocols
OAuth
Systems Development Life Cycle
Salesforce
Security Assertion Markup Language (SAML)
Secure Coding
Single Sign-On
Software Engineering
TCP/IP
Apex Code
Scripting (Bash/Python/Go/Ruby)
Core Api
Integration Frameworks
Salesforce Object Query Language (SOQL)
Vulnerability Analysis
Programming Languages

Job description

Do you want to build security tools that protect a large fleet of Salesforce instances across Amazon? Are you interested in applying deep Salesforce platform knowledge to solve security challenges at this scale? Do you want to use AI to invent and simplify?

Salesforce Success Central (SFSC) delivers products and programs that improve the return on investment in Amazon's enterprise-wide Salesforce deployments. SFSC is looking for a Security Engineer with strong Salesforce platform expertise to build and maintain the tools that help service owners secure their Salesforce orgs. You will apply your knowledge of Salesforce security architecture, profiles, permission sets, sharing models, and platform APIs to develop automated security scanning and detection capabilities. You will deliver guidance to service owners on improving their operational maturity, and you will partner with Amazon security teams to implement standards across our Salesforce environment. We do more than find problems. We deliver enablement and automation that maintain more secure environments.

You will also build detections, create security evaluations, and deliver customer-facing experiences that make the secure path the easy path. You will serve as a trusted advisor to service owners, helping them interpret findings, prioritize remediation, and build security into their Salesforce operations from the start. This role includes hands-on engineering. You will design, code, and ship security tools built on AWS infrastructure and Salesforce platforms.

You will also partner with SecOps and security teams across Amazon, acting as the Salesforce subject matter expert who bridges platform-specific configurations with enterprise security requirements.

This role requires someone who brings a security engineering lens to Salesforce org configurations. You understand how authentication flows (SSO, OAuth, SAML), authorization models (profiles, permission sets, sharing rules, org-wide defaults), and third-party integrations (connected apps, named credentials, API access) introduce exposure. You can translate that deep security knowledge into automated evaluations and actionable guidance for teams with varying levels of Salesforce experience.

We have a team culture that encourages ownership and innovation. You will work with a small, collaborative team where your contributions have direct, measurable impact on the security posture of Salesforce at Amazon., * Build and maintain automated security scanning and evaluation capabilities that assess Salesforce org configurations against defined security standards

  • Apply deep Salesforce platform knowledge to identify security risks in profiles, permission sets, sharing rules, connected apps, session settings, and custom Apex code
  • Develop detections for configuration changes that introduce security risk, and deliver escalation workflows that route findings to the right owners
  • Partner with service owners to interpret security findings, prioritize remediation, and implement secure configurations within their Salesforce environments
  • Write and refine security evaluations that measure operational maturity across the Salesforce fleet
  • Develop customer-facing guidance, documentation, and training that help service owners understand and resolve Salesforce security findings independently
  • Collaborate with Amazon enterprise security teams to translate security requirements into Salesforce-specific implementation patterns
  • Stay current with Salesforce platform releases, AI innovations, and security features, assessing their impact on Amazon's security posture and updating tooling accordingly
  • Support other teams performing security reviews, vulnerability analysis, and incident response when Salesforce expertise is required

A day in the life

Your time splits across building, advising, and investigating. You write SOQL-based detections and Apex code that automate security checks, review scan results to triage new findings, and update detection logic when Salesforce releases change the threat surface. You meet with service owners to walk through remediation plans for exposed integrations or misconfigured access models. Security teams across Amazon reach out when they need Salesforce expertise to assess a risk or validate an architecture decision. No two days look the same, but each one connects platform knowledge to measurable security outcomes.

About the team

We value diverse experiences. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, we encourage you to apply. SFSC sits at the intersection of security, SaaS platform engineering, and enterprise operations. The team is small, so your work ships fast and has visible impact across the organization. You will build expertise in securing third-party platforms at a scale that few companies operate, and you will partner with security teams across Amazon who rely on your Salesforce knowledge to make decisions. We seek out and celebrate a diversity of ideas, perspectives, and technical backgrounds.

Requirements

  • 2+ years of scripting, programming, and security code review in a common programming language (non-internship) experience
  • 2+ years of troubleshooting systems issues, analyzing logs, or automating basic tasks using command line tools (non-internship) experience
  • Bachelor's degree in a STEM field (Science, Technology, Engineering, Mathematics), or experience in IT Security
  • Knowledge of networking protocols such as HTTP, DNS and TCP/IP
  • Experience using Salesforce, * 2+ years of any combination of the following: threat modeling experience, secure coding, identity management and authentication, software development, cryptography, system administration and network security experience
  • Knowledge of command line tools to troubleshoot protocols, analyze log outputs, or automate basic tasks
  • Experience with AWS products and services
  • Experience performing security activities across one or more phases of the software development lifecycle (SDLC), such as security design review, threat modeling, secure code review, and security testing
  • 4+ years of hands-on experience with the Salesforce platform, including administration, security configuration, and development
  • Proficiency in SOQL for data extraction and security detection, with working knowledge of Salesforce metadata schema and platform APIs

Benefits & conditions

The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience, qualifications, and location. Amazon also offers comprehensive benefits including health insurance (medical, dental, vision, prescription, Basic Life & AD&D insurance and option for Supplemental life plans, EAP, Mental Health Support, Medical Advice Line, Flexible Spending Accounts, Adoption and Surrogacy Reimbursement coverage), 401(k) matching, paid time off, and parental leave. Learn more about our benefits at https://amazon.jobs/en/benefits .

USA, TX, Dallas - 159,300.00 - 202,400.00 USD annually

USA, WA, Seattle - 159,300.00 - 202,400.00 USD annually

About the company

Amazon Web Services (AWS) is the world's most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating - that's why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses. Inclusive Team Culture Here at AWS, it's in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness. Mentorship & Career Growth We're continuously raising our performance bar as we strive to become Earth's Best Employer. That's why you'll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional. Work/Life Balance We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there's nothing we can't achieve in the cloud. AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.

Apply for this position