Threat Intelligence Researcher – Salesforce Jobs



Position Summary:

As a Threat Intelligence Researcher, you will perform analysis on new and emerging threats to Salesforce, our Platforms, and our customers. You will be hands-on, performing research across multiple data sets during investigations and building capabilities to be situationally aware of everything that matters at Salesforce. This analysis will extract attacker TTPs, uncover unique attributes of their TTPs, and build attacker profiles with this data. You will be a critical part of the security organization, influencing security and our partners and ensuring the trust of our environment and our platforms.

Key Responsibilities:

  • Write scripts and tools on the fly to help with analysis and build automation to aid the investigation or research the next time around
  • Manage threat data and create intelligence assessments and output in support of our incident response, threat hunting, threat detection, and security engineering missions
  • Identify new or existing threats and distill this information into concise finished intelligence to multiple internal partners, including executives
  • Build expertise on any threats targeting Salesforce and provide attribution to attacker activity when possible
  • Perform intelligence research during incident response, supporting multiple teams and driving the direction of investigations based on knowledge of attackers

Required Education & Experience:

  • You have an understanding of existing and emerging threats to an organization spanning multiple industries and threat profiles
  • Experience with security analysis tools (Jupyter notebooks, Splunk, Elasticsearch, etc.)
  • Experience with Python, basic scripting, database tooling, and using automation platforms
  • Experience using Threat Intelligence Platforms, and building integrations with these platforms
  • Ability to identify patterns and trends across various data sources and distill findings concisely
  • Experience with hunting/IR tools used for host and network analysis
  • 3-5 years as an intelligence researcher, tracking attackers through network and endpoint artifacts
  • A capable communicator, you are able to engage others in the business at multiple levels to translate threat research into actionable recommendations to shape the business
  • Experience with threats in AWS, Microsoft Azure, and Google Cloud