Salesforce Security Engineer

Salesforce Security Engineer



Salary : £85,000

Locations: Leeds, Manchester, Redhill, Tunbridge Wells, Bournemouth, or Bristol (Hybrid/Flexible)



We're looking for a Salesforce Security Engineer who brings strong engineering fundamentals and hands-on experience to the intersection of Salesforce development and security engineering.

You'll play a critical role in enhancing the security posture of our Salesforce platform-contributing directly to secure code practices, threat modelling, and security testing across our CI/CD pipeline.

This role is ideal for someone with engineering roots who has evolved into the security space and is passionate about improving security maturity in modern DevSecOps environments.



What You'll Do

* Lead and contribute to the security engineering of our Salesforce platform especially in the context of APEX code, API design, and secure development lifecycle.
* Apply the DSOMM (DevSecOps Maturity Model) and OWASP security principles to assess and uplift Salesforce security maturity.
* Own and improve pipeline security including static code analysis (SAST), dynamic application security testing (DAST), dependency checks, and secure deployment patterns.
* Conduct threat modelling for Salesforce-based estates, identifying and mitigating risks early in the development lifecycle.
* Perform and refine security tests across APIs and applications within the Salesforce environment.
* Work collaboratively with platform engineers, developers, and the broader infosec team to embed security by design.
* Advise on approaches to code signing, policy enforcement, and change validation in a distributed Salesforce landscape.
* Explore and address the unique challenges of securing a Salesforce-first architecture, integrated across the broader estate.



What You Bring

* Hands-on experience with Salesforce development (particularly APEX) and a deep understanding of how engineering and security intersect.
* Strong grasp of secure coding practices and experience running DAST/SAST on Salesforce environments.
* Exposure to or working knowledge of DSOMM, OWASP, and threat modelling methodologies.
* Experience integrating security into CI/CD pipelines, especially in complex enterprise platforms.
* Ability to approach platform security from an engineering-first mindset, not just compliance.
* Confident communicator who can translate technical security needs into engineering requirements.



If you're ready to play a key role in a transformative digital journey and have the expertise to lead high-performing engineering teams, we'd love to hear from you! Click "Apply" Or Email lauren.hamer@oliverjames.com