Do you want to build security tools that protect a large fleet of Salesforce instances across Amazon? Are you interested in applying deep Salesforce platform knowledge to solve security challenges at this scale? Do you want to use AI to invent and simplify?
Salesforce Success Central (SFSC) delivers products and programs that improve the return on investment in Amazon's enterprise-wide Salesforce deployments. SFSC is looking for a Security Engineer with strong Salesforce platform expertise to build and maintain the tools that help service owners secure their Salesforce orgs. You will apply your knowledge of Salesforce security architecture, profiles, permission sets, sharing models, and platform APIs to develop automated security scanning and detection capabilities. You will deliver guidance to service owners on improving their operational maturity, and you will partner with Amazon security teams to implement standards across our Salesforce environment. We do more than find problems. We deliver enablement and automation that maintain more secure environments.
You will also build detections, create security evaluations, and deliver customer-facing experiences that make the secure path the easy path. You will serve as a trusted advisor to service owners, helping them interpret findings, prioritize remediation, and build security into their Salesforce operations from the start. This role includes hands-on engineering. You will design, code, and ship security tools built on AWS infrastructure and Salesforce platforms.
You will also partner with SecOps and security teams across Amazon, acting as the Salesforce subject matter expert who bridges platform-specific configurations with enterprise security requirements.
This role requires someone who brings a security engineering lens to Salesforce org configurations. You understand how authentication flows (SSO, OAuth, SAML), authorization models (profiles, permission sets, sharing rules, org-wide defaults), and third-party integrations (connected apps, named credentials, API access) introduce exposure. You can translate that deep security knowledge into automated evaluations and actionable guidance for teams with varying levels of Salesforce experience.
We have a team culture that encourages ownership and innovation. You will work with a small, collaborative team where your contributions have direct, measurable impact on the security posture of Salesforce at Amazon.
Key job responsibilities
- Build and maintain automated security scanning and evaluation capabilities that assess Salesforce org configurations against defined security standards
- Apply deep Salesforce platform knowledge to identify security risks in profiles, permission sets, sharing rules, connected apps, session settings, and custom Apex code
- Develop detections for configuration changes that introduce security risk, and deliver escalation workflows that route findings to the right owners
- Partner with service owners to interpret security findings, prioritize remediation, and implement secure configurations within their Salesforce environments
- Write and refine security evaluations that measure operational maturity across the Salesforce fleet
- Develop customer-facing guidance, documentation, and training that help service owners understand and resolve Salesforce security findings independently
- Collaborate with Amazon enterprise security teams to translate security requirements into Salesforce-specific implementation patterns
- Stay current with Salesforce platform releases, AI innovations, and security features, assessing their impact on Amazon's security posture and updating tooling accordingly
- Support other teams performing security reviews, vulnerability analysis, and incident response when Salesforce expertise is required
A day in the life
Your time splits across building, advising, and investigating. You write SOQL-based detections and Apex code that automate security checks, review scan results to triage new findings, and update detection logic when Salesforce releases change the threat surface. You meet with service owners to walk through remediation plans for exposed integrations or misconfigured access models. Security teams across Amazon reach out when they need Salesforce expertise to assess a risk or validate an architecture decision. No two days look the same, but each one connects platform knowledge to measurable security outcomes.
About the team
We value diverse experiences. If your career is just starting, hasn't followed a traditional path, or includes alternative experiences, we encourage you to apply. SFSC sits at the intersection of security, SaaS platform engineering, and enterprise operations. The team is small, so your work ships fast and has visible impact across the organization. You will build expertise in securing third-party platforms at a scale that few companies operate, and you will partner with security teams across Amazon who rely on your Salesforce knowledge to make decisions. We seek out and celebrate a diversity of ideas, perspectives, and technical backgrounds.
About AWS
Diverse Experiences
AWS values diverse experiences. Even if you do not meet all of the qualifications and skills listed in the job description, we encourage candidates to apply. If your career is just starting, hasn’t followed a traditional path, or includes alternative experiences, don’t let it stop you from applying.
Why AWS?
Amazon Web Services (AWS) is the world’s most comprehensive and broadly adopted cloud platform. We pioneered cloud computing and never stopped innovating — that’s why customers from the most successful startups to Global 500 companies trust our robust suite of products and services to power their businesses.
Inclusive Team Culture
Here at AWS, it’s in our nature to learn and be curious. Our employee-led affinity groups foster a culture of inclusion that empower us to be proud of our differences. Ongoing events and learning experiences, including our Conversations on Race and Ethnicity (CORE) and AmazeCon (gender diversity) conferences, inspire us to never stop embracing our uniqueness.
Mentorship & Career Growth
We’re continuously raising our performance bar as we strive to become Earth’s Best Employer. That’s why you’ll find endless knowledge-sharing, mentorship and other career-advancing resources here to help you develop into a better-rounded professional.
Work/Life Balance
We value work-life harmony. Achieving success at work should never come at the expense of sacrifices at home, which is why we strive for flexibility as part of our working culture. When we feel supported in the workplace and at home, there’s nothing we can’t achieve in the cloud.
AWS Sales, Marketing, and Global Services (SMGS) is responsible for driving revenue, adoption, and growth from the largest and fastest growing small- and mid-market accounts to enterprise-level customers including public sector. The AWS Global Support team interacts with leading companies and believes that world-class support is critical to customer success. AWS Support also partners with a global list of customers that are building mission-critical applications on top of AWS services.