Salesforce Security Engineer, Salesforce Success Central
Seattle, WA - USA
Job Summary
Salesforce Success Central (SFSC) delivers products and programs that improve the return on investment in Amazons enterprise-wide Salesforce deployments. SFSC is looking for a Security Engineer with strong Salesforce platform expertise to build and maintain the tools that help service owners secure their Salesforce orgs. You will apply your knowledge of Salesforce security architecture profiles permission sets sharing models and platform APIs to develop automated security scanning and detection capabilities. You will deliver guidance to service owners on improving their operational maturity and you will partner with Amazon security teams to implement standards across our Salesforce environment. We do more than find problems. We deliver enablement and automation that maintain more secure environments.
You will also build detections create security evaluations and deliver customer-facing experiences that make the secure path the easy path. You will serve as a trusted advisor to service owners helping them interpret findings prioritize remediation and build security into their Salesforce operations from the start. This role includes hands-on engineering. You will design code and ship security tools built on AWS infrastructure and Salesforce platforms.
You will also partner with SecOps and security teams across Amazon acting as the Salesforce subject matter expert who bridges platform-specific configurations with enterprise security requirements.
This role requires someone who brings a security engineering lens to Salesforce org configurations. You understand how authentication flows (SSO OAuth SAML) authorization models (profiles permission sets sharing rules org-wide defaults) and third-party integrations (connected apps named credentials API access) introduce exposure. You can translate that deep security knowledge into automated evaluations and actionable guidance for teams with varying levels of Salesforce experience.
We have a team culture that encourages ownership and innovation. You will work with a small collaborative team where your contributions have direct measurable impact on the security posture of Salesforce at Amazon.
Key job responsibilities
- Build and maintain automated security scanning and evaluation capabilities that assess Salesforce org configurations against defined security standards
- Apply deep Salesforce platform knowledge to identify security risks in profiles permission sets sharing rules connected apps session settings and custom Apex code
- Develop detections for configuration changes that introduce security risk and deliver escalation workflows that route findings to the right owners
- Partner with service owners to interpret security findings prioritize remediation and implement secure configurations within their Salesforce environments
- Write and refine security evaluations that measure operational maturity across the Salesforce fleet
- Develop customer-facing guidance documentation and training that help service owners understand and resolve Salesforce security findings independently
- Collaborate with Amazon enterprise security teams to translate security requirements into Salesforce-specific implementation patterns
- Stay current with Salesforce platform releases AI innovations and security features assessing their impact on Amazons security posture and updating tooling accordingly
- Support other teams performing security reviews vulnerability analysis and incident response when Salesforce expertise is required
A day in the life
Your time splits across building advising and investigating. You write SOQL-based detections and Apex code that automate security checks review scan results to triage new findings and update detection logic when Salesforce releases change the threat surface. You meet with service owners to walk through remediation plans for exposed integrations or misconfigured access models. Security teams across Amazon reach out when they need Salesforce expertise to assess a risk or validate an architecture decision. No two days look the same but each one connects platform knowledge to measurable security outcomes.
About the team
We value diverse experiences. If your career is just starting hasnt followed a traditional path or includes alternative experiences we encourage you to apply. SFSC sits at the intersection of security SaaS platform engineering and enterprise operations. The team is small so your work ships fast and has visible impact across the organization. You will build expertise in securing third-party platforms at a scale that few companies operate and you will partner with security teams across Amazon who rely on your Salesforce knowledge to make decisions. We seek out and celebrate a diversity of ideas perspectives and technical backgrounds.
About AWS
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description we encourage candidates to apply. If your career is just starting hasnt followed a traditional path or includes alternative experiences dont let it stop you from applying.
Why AWS
Amazon Web Services (AWS) is the worlds most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating thats why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
Here at AWS its in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences inspire us to never stop embracing our uniqueness.
Mentorship & Career Growth
Were continuously raising our performance bar as we strive to become Earths Best Employer. Thats why youll find endless knowledge-sharing mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home theres nothing we cant achieve in the cloud.
AWS Sales Marketing and Global Services (SMGS) is responsible for driving revenue adoption and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.
- 2 years of scripting programming and security code review in a common programming language (non-internship) experience
- 2 years of troubleshooting systems issues analyzing logs or automating basic tasks using command line tools (non-internship) experience
- Bachelors degree in a STEM field (Science Technology Engineering Mathematics) or experience in IT Security
- Knowledge of networking protocols such as HTTP DNS and TCP/IP
- Experience using Salesforce
- 2 years of any combination of the following: threat modeling experience secure coding identity management and authentication software development cryptography system administration and network security experience
- Knowledge of command line tools to troubleshoot protocols analyze log outputs or automate basic tasks
- Experience with AWS products and services
- Experience performing security activities across one or more phases of the software development lifecycle (SDLC) such as security design review threat modeling secure code review and security testing
- 4 years of hands-on experience with the Salesforce platform including administration security configuration and development
- Proficiency in SOQL for data extraction and security detection with working knowledge of Salesforce metadata schema and platform APIs
Amazon is an equal opportunity employer and does not discriminate on the basis of protected veteran status disability or other legally protected status.
Our inclusive culture empowers Amazonians to deliver the best results for our customers. If you have a disability and need a workplace accommodation or adjustment during the application and hiring process including support for the interview or onboarding process please visit for more information. If the country/region youre applying in isnt listed please contact your Recruiting Partner.
The base salary range for this position is listed below. Your Amazon package will include sign-on payments and restricted stock units (RSUs). Final compensation will be determined based on factors including experience qualifications and location. Amazon also offers comprehensive benefits including health insurance (medical dental vision prescription Basic Life & AD&D insurance and option for Supplemental life plans EAP Mental Health Support Medical Advice Line Flexible Spending Accounts Adoption and Surrogacy Reimbursement coverage) 401(k) matching paid time off and parental leave. Learn more about our benefits at TX Dallas - 159300.00 - 202400.00 USD annually
USA WA Seattle - 159300.00 - 202400.00 USD annually
Required Experience:
IC
About Company
Free shipping on millions of items. Get the best of Shopping and Entertainment with Prime. Enjoy low prices and great deals on the largest selection of everyday essentials and other products, including fashion, home, beauty, electronics, Alexa Devices, sporting goods, toys, automotive ... View more