Staff Security Software Engineer, Vulnerability Management
Remote type: Office Tech-Flexible
Locations:
- Georgia - Atlanta
- Washington - Seattle
- California - San Francisco
Time type: Full time
Posted: 2 Days Ago
Application deadline: April 30, 2026 (20 days left)
Job requisition id: JR333578
Job category: Software Engineering
About Salesforce
Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn’t a buzzword — it’s a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all. Ready to level-up your career at the company leading workforce transformation in the agentic era? You’re in the right place! Agentforce is the future of AI, and you are the future of Salesforce.
About Us
At Slack, we are committed to making people’s working lives more secure. We are serious about protecting our infrastructure, operations, and most importantly, our customers’ data. Our Vulnerability Management team plays a pivotal role in identifying, assessing, and mitigating security risks across our entire infrastructure. We take a systemic approach to security and strive to ensure we provide low friction, high-impact security across everything we do. Slack has a positive, diverse, and encouraging culture—we look for people who are curious, innovative, and work to be a little better every single day. In our work together we aim to be smart, humble, hardworking and, above all, collaborative. If this sounds like a good fit for you, read on ahead!
What you will be doing
As a Staff Software Engineer on the Vulnerability Management team, you will serve as a technical anchor for a team that builds and maintains the systems and tooling we rely on to detect, track, and remediate security vulnerabilities across our organization. You will drive technical strategy for how we automate and scale vulnerability management, work closely with security engineers, product teams, and infrastructure partners to tackle complex cross-functional challenges, and help raise the bar for how the team builds software. This is a high-impact, high-ownership role for someone who wants to do meaningful engineering work while shaping how security gets done at scale.
Key Responsibilities
- Own the technical architecture and roadmap for vulnerability management tooling, including systems that automate identification, prioritization, tracking, and remediation of vulnerabilities across diverse ecosystems and environments.
- Lead the design and development of high-quality, scalable engineering solutions, balancing long-term maintainability with the practical needs of a fast-moving security organization.
- Drive integration strategy across vulnerability scanners, aggregation pipelines, and downstream systems, making principled decisions about data ownership, tool consolidation, and signal quality.
- Define and evolve the metrics and reporting frameworks used to measure program effectiveness, moving toward risk-based measurement rather than activity-based compliance tracking.
- Partner with cross-functional stakeholders, including infrastructure, platform engineering, and product security teams, to embed security automation deeper into the development lifecycle.
- Identify systemic gaps and ambiguous high-priority problems that cut across team boundaries, propose solutions, and drive them to completion with or without direct authority.
- Provide technical mentorship, design reviews, and code reviews to engineers on the team, helping others grow and maintaining a high standard of engineering craft.
Required Qualifications
- U.S. Citizenship or Permanent Residency (no visa sponsorship).
- 8+ years software engineering experience including security or platform engineering.
- Proficiency in Python with production-grade code experience.
- Experience owning end-to-end engineering projects.
- Understanding of vulnerability management concepts.
- Experience with security tooling integrations (vulnerability scanners, SIEM).
- Familiarity with CI/CD pipelines & modern software delivery practices.
- Strong communication skills across technical & non-technical stakeholders.
Nice-to-have Qualifications
- Experience with vulnerability management tools like Wiz, Tenable/Nessus, Twistlock.
- Familiarity with compliance frameworks like FedRAMP or DoD IL5/IL6.
- Experience with large-scale vulnerability aggregation systems or data pipelines.
- Background in automated remediation workflows.
- Experience with cloud environments (AWS, Azure, GCP) & containerized workloads.
- Contributions to security/software community via open-source projects or research.
Benefits & Accommodations Information
Support for work-life balance & AI tools accelerating impact at Salesforce. Reasonable accommodation requests available during application/recruiting process. Equal opportunity employer statement emphasizing non-discrimination based on protected classifications.
Compensation Details:
Typical base salary range: $197300 - $313700 annually; in select cities (San Francisco/New York City metro): $237700 - $344700 annually; salary range excludes bonuses/incentives/equity/benefits.
About Slack:
Slack is a messaging app for business organizing conversations into channels so everyone moves faster & stays in sync. It connects employees/customers/partners securely; integrates easily with apps; accessible on any device within an easy-to-use digital workspace; emphasizes diversity/inclusion/equal opportunity employment.
Slack is a platform and product company focused on making work life simpler, more pleasant, and more productive. They emphasize connected, inclusive, and flexible work environments. As part of the global Salesforce family, Slack offers benefits to support employee well-being and fosters diversity through programs like Diversity, Engagement and Belonging (DEB), Rising Tides sponsorship program, Employee Resource Groups (ERGs), and partnerships with organizations supporting formerly incarcerated individuals.