About the job:
Salesforce’s Network Security team is seeking a Senior Manager/Director to lead the network security engineering efforts. You will be leading the team responsible for designing, building and maintaining innovative security services and solutions that support the needs of our internal and external customers. The team may work on any aspect of public cloud security, including Micro-Segmentation, Zero-Trust, Network ACLs, L4/L7 Firewall, WAF, mTLS, monitoring, and automation. As Senior Manager/Director of Software Development, you will manage a new development team responsible for designing, coding and maintaining such innovative security platforms. You will be responsible for hiring and retaining the best security talent around, growing your team and the people on it, and helping guide the technical direction.
- Are interested in growing, automating and developing cutting edge Network Security public cloud architecture, software, and tools; you thrive on building services to meet customer’s needs and clearly understand how security done properly is a massive business enabler
- Excellent technical skills, combined with excellent people management skills
- Keen reader of people, culture; builds the relationships to make things happen
- Highly functional in a dynamic, challenging environment
- Top notch communications and collaborative superstar
- Able to balance the needs of delivery with an agile mindset
- Hiring and retaining the best security talent around, growing your team and the people on it, and helping guide the technical direction.
- Lead the team developing distributed systems to deliver security controls at the network level in Salesforce’s public and private clouds. Such solutions cover but are not limited to network policy management, ACLs enforcement, distributed firewalls, DDoS and network protection for bare metal servers, containers, and VMs
- Lead research and implementation of new networking security solutions and platforms for intra- and cross-datacenter network flows
- Advance and operate these security scanning platforms in a full DevOps model
- Operate in an Agile development environment, including participating in daily scrums
- Support the team’s engineering excellence by performing code reviews and help setting best software development practices
- Partners with other engineering teams and executives to develop short- and long-term security, product and service strategies.
- Collaborate with other teams to solve security problems with minimal disruption to other business functions.
- Continuous improvement of policies, procedures and technology.
- Interact with industry experts, partners, internal staff and auditors.
- Work effectively as part of a geographically distributed team.
- Industry experience. 10+ years, including:5+ years experience in SaaS, PaaS or IaaS software development
- 5+ years experience in a high-availability 24/7 environment
- 5+ years of experience in public cloud environments (e.g., AWS, GCP, Azure, etc.)
- 5+ years of experience in developing Network Security Technologies like – Micro-Segmentation, Zero-Trust, Network ACLs, L4/L7 Firewall, WAF, mTLS solutions
- 2+ years of experience with Service Mesh, Istio, Envoy development and deployment
- Management experience. 5+ years of direct people management experience, with at least 5 direct reports.
- Network Security:Industry-level expertise in L4/Layer 7 Firewall & WAF Development
- Expertise in Network security platforms, including segmentation, ACLs, DPI, DDoS protection. Examples include:Software: iptables, ipsec, VPN, IDS, firewall management platforms, ACL compilers and tooling
- Hardware: switch ACLs, stateful firewalls, network segmentation, security zones
- Network control planes and agents (Calico, Flannel, Contiv, Contrail, OVN)
- OSI model and debugging network traffic
- Networking protocols (TCP/UDP, BGP, DNS, DHCP)
- Datacenter network architecture at software platform and hardware devices (NAT, VXLAN, overlay/underlay)
- Network security architectures and implementations in public clouds (e.g., AWS, Azure, GCP)
- Platform development. Proven track of developing and delivering large-scale PaaS or IaaS systems, especially for public cloud providers (e.g., AWS, Azure, GCP)
- Programming. Proficiency in object-oriented and multi-threaded programming in at least one of the following languages: Golang, Java, C++, Python
- Full-software ownership from idea to running in production: design, code, writing unit tests, performing integration tests, deploying to production, supporting the system in the production environments
- Operating systems. Development and software management on Linux systems (e.g., CentOS, RHEL)
- Security. Strong knowledge in security fundamentals: secure transport (e.g., SSL, TLS), identity management (e.g., certificates, PKI)
- DevOps mindset and strong ownership over owned code (test, monitor, deploy, maintain)
- Communication. Excellent oral and written communication skills
- Team. Ability to value team success beyond personal contributions
- Experience designing and operating network security technologies within public cloud environments.
- Strong distributed systems and architecture knowledge.
- Understanding of risks that can manifest in larger scale complex systems.
- Education. M.S in Computer Science/Engineering or B.S. in same disciplines with equivalent years of experience