AI Security Architect

To get the best candidate experience, please consider applying for a maximum of 3 roles within 12 months to ensure you are not duplicating efforts.

Job Category

Product

Job Details

About Salesforce

Salesforce is the #1 AI CRM, where humans with agents drive customer success together. Here, ambition meets action. Tech meets trust. And innovation isn't a buzzword - it's a way of life. The world of work as we know it is changing and we're looking for Trailblazers who are passionate about bettering business and the world through AI, driving innovation, and keeping Salesforce's core values at the heart of it all.

Ready to level-up your career at the company leading workforce transformation in the agentic era? You're in the right place! Agentforce is the future of AI, and you are the future of Salesforce.

About Our Team

The Product Security organization is seeking a dedicated and experienced AI Security Architect to design and advise on security strategies to protect our AI systems, data, and products. You will define the strategy and technical implementation of an AI / ML secure development lifecycle, integrated with our existing software development lifecycle

This is a dedicated security role that demands a unique blend of deep AI system understanding and a strong adversarial security mindset. The AI Security Architect will champion the integration of security-by-design principles into all AI initiatives, proactively identifying and mitigating AI-specific vulnerabilities to safeguard Salesforce's intellectual property, customer data, and brand reputation.

This crucial role will drive a unified and cohesive AI security strategy throughout the entire Salesforce ecosystem, transcending traditional product and "cloud" boundaries. Recognizing that agentic AI necessitates a fundamental shift from siloed approaches, the AI Security Architect will foster a consistent and integrated security posture across all Salesforce products, ensuring a shared commitment to customer trust by influencing platform design with critical security context.

Impact - Responsibilities

Advise on Secure AI Platform Design & Guidance

Define Unified AI Security Standards & Best Practices

Work with BISOs to Drive Secure-by-Default and Trust Principles Across Clouds

Provide Deep Technical Input into Technology Security Evaluation & Risk Assessment

Ensure Cross-Alignment with Ethical AI, Legal, and Compliance

Manage Cutting-Edge Technology Security

Advise on Secure AI Platform Design & Guidance

Partner with engineering and development architects to advise on the secure architecture design for end-to-end AI systems, including data pipelines, model development and deployment (MLOps), and integration with existing enterprise systems. Provide security context, risk identification, and recommendations for scalable, reliable, and secure designs across all Salesforce clouds.

Define Unified AI Security Standards & Best Practices

Establish and enforce security architectural standards, design patterns, and best practices for AI development. Focus on ensuring robust, secure, and explainable AI systems with a consistent, unified security approach across all Salesforce products and clouds.

Work With BISOs to Drive Secure-by-Default and Trust Principles Across Clouds

Ensure that security is fundamentally ingrained in the design of all AI components from inception, reinforcing Salesforce's "Secure by Default" architecture and unwavering commitment to customer trust across the entire platform. This role will influence development practices to embed these principles.

Provide Deep Technical Input into Technology Security Evaluation & Risk Assessment

Evaluate and recommend appropriate AI technologies, frameworks (e.g., TensorFlow, PyTorch), platforms (e.g., cloud AI services), and tools from a security perspective, ensuring they align with our security requirements and risk appetite for a multi-cloud enterprise.

Ensure Cross-Alignment with Ethical AI, Legal, and Compliance

Work closely with legal, compliance, AI Research, and the Office of Ethical and Humane Use teams to embed responsible AI security practices consistently, and to align on consistent taxonomies, definitions, methodologies, and tooling for testing security, safety, and ethical alignment of AI models and systems. Champion ethical AI principles from a security standpoint, ensuring compliance with relevant data privacy regulations (e.g., GDPR, CCPA) and internal ethical guidelines across the entire Salesforce ecosystem.

Manage Cutting-Edge Technology Security

Stay continuously informed with the rapid pace of change in generative AI and related emerging technologies. Work with engineering architects to strategize for securely operationalizing, developing, and integrating these new technologies into the platform to maintain Salesforce's competitive advantage in the marketplace. Drive innovation in security controls tailored to these evolving advancements.

Stakeholder Engagement & Ecosystem Alignment

Act as a subject matter expert and trusted advisor on AI security architecture to senior leadership, engineering teams, product managers, and other stakeholders across all Salesforce products and "clouds," fostering cross-cloud alignment and a unified approach to AI security.

Work Towards Breaking Down Silos & Encouraging Collaboration

Proactively break down organizational silos and facilitate seamless collaboration between different product teams and clouds regarding AI security, driving a singular, consistent AI security posture across the entire Salesforce platform by influencing development and deployment practices.

Fostering Security Integration & Cross-Functional Partnership

Collaborate with the broader security organization (e.g., AppSec, Cloud Security, Incident Response) to integrate AI security into the overall enterprise security strategy and incident response plans, ensuring that cross-cloud AI security concerns are addressed comprehensively. This also includes close partnership with AI Research and the Office of Ethical and Humane Use to design security-related models, ensure comprehensive testing, and align on shared frameworks for ethical, safety, and security evaluation.

Active External Engagement

Represent Salesforce at industry conferences and forums on AI security, contributing to the broader AI security community and showcasing Salesforce's leadership in secure and ethical AI deployment across diverse product offerings.

Risk Identification & Management of AI Products

Lead comprehensive risk assessments across architecture, design, deployment, and runtime phases.

Oversee technical reviews, threat modeling, code / design reviews, and hands-on testing to uncover and mitigate risks.

Analyze diverse risk signals and discovery data to prioritize security activities and inform the product security roadmap.

Evaluating trade-offs of risk remediation strategies, recommending optimal solutions that balance security, functionality, and business objectives.

Evaluate and integrate responsible AI principles-including data governance, model integrity, explainability, and adversarial resilience-into core Agentforce engineering practices.

Collaborate with Security Customer Enablement, Privacy, and Legal teams to define secure AI usage frameworks and external trust communications.

Guide engineering teams through architecture reviews, code analysis, and red-team feedback loops for model-driven products.

Minimum qualifications :

A related technical degree required.

First-hand work with Machine Learning, Deep-Learning, or Artificial Intelligence.

Familiarity with current attacks on ML models, including adversarial examples, training data extraction, model extraction, and data poisoning.

Proven experience in developing new attacks and defenses for ML / AI enabled applications.

Proven communication, collaboration, and interpersonal skills with the ability to effectively communicate complex technical concepts to diverse audiences, including technical and non-technical teams.

An attacker's mindset; consider abuse and attack paths as well as the defensive mindset to recommendations to prevent them

A passion around improving the security development lifecycle and delivering security guidance to engineers in a language they understand.

Ability to work with data, identify trends and propose comprehensive mitigations that eradicate systemic security concerns.

Experience participating in an information security program and improving or proposing improvements to a secure development lifecycle

Threat modeling of security topics across infrastructure security & application security domains Understanding of TCP / IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements

Excellent writing and presentation skills.

Possess the ability to communicate concisely, clearly, and intelligently to cross functional teams.

Preferred Qualifications :

Proven ability to drive enterprise-ready features to release prioritizing Security and Availability without sacrificing usability

Strong technical aptitude; comfortable engaging with engineering on architecture, APIs, and platform implications

Experience working with InfoSec, Legal, and IT stakeholders at Fortune 500 companies

Demonstrated expertise in navigating security incident response efforts, including direct engagement with executive leadership, legal counsel, and external parties to resolve complex security issues.

Strategic thinker with an understanding of the evolving global threat landscape and its implications for millions of users.

Additional Exceptional Qualifications :

Experience with client side / browser security features like same origin policy, CORS, CSP, shadow DOM, Web Components, web development frameworks etc.

Experience with software development in one or more languages such as : JavaScript, Java, Python, Ruby, PHP, Go, TypeScriptSome experience performing penetration testing or familiarity with the process

5+ years proven experience in the following areas in a security engineering or research role : Securing products and infrastructure from the OWASP Top 10 and / or CWE Top 25

Exploiting web and web services security vulnerabilities such as cross-site scripting, cross site request forgery, SQL injection, DoS attacks, XML / SOAP, API attacks, etc.Public Cloud security architecture in one or more of the following : Amazon Web Services, Google Cloud Platform, Microsoft Azure, Alibaba Cloud, etc.

• LI-Y

Unleash Your Potential

When you join Salesforce, you'll be limitless in all areas of your life. Our benefits and resources support you to find balance and be your best , and our AI agents accelerate your impact so you can do your best . Together, we'll bring the power of Agentforce to organizations of all sizes and deliver amazing experiences that customers love. Apply today to not only shape the future - but to redefine what's possible - for yourself, for AI, and the world.

Accommodations

If you require assistance due to a disability applying for open positions please submit a request via this Accommodations Request Form.

Posting Statement

Salesforce is an equal opportunity employer and maintains a policy of non-discrimination with all employees and applicants for employment. What does that mean exactly? It means that at Salesforce, we believe in equality for all. And we believe we can lead the path to equality in part by creating a workplace that's inclusive, and free from discrimination. Know your rights : workplace discrimination is illegal. Any employee or potential employee will be assessed on the basis of merit, competence and qualifications - without regard to race, religion, color, national origin, sex, sexual orientation, gender expression or identity, transgender status, age, disability, veteran or marital status, political viewpoint, or other classifications protected by law. This policy applies to current and prospective employees, no matter where they are in their Salesforce employment journey. It also applies to recruiting, hiring, job assignment, compensation, promotion, benefits, training, assessment of job performance, discipline, termination, and everything in between. Recruiting, hiring, and promotion decisions at Salesforce are fair and based on merit. The same goes for compensation, benefits, promotions, transfers, reduction in workforce, recall, training, and education.

In the United States, compensation offered will be determined by factors such as location, job level, job-related knowledge, skills, and experience. Certain roles may be eligible for incentive compensation, equity, and benefits. Salesforce offers a variety of benefits to help you live well including : time off programs, medical, dental, vision, mental health support, paid parental leave, life and disability insurance, 401(k), and an employee stock purchasing program. More details about company benefits can be found at the following link : to the San Francisco Fair Chance Ordinance and the Los Angeles Fair Chance Initiative for Hiring, Salesforce will consider for employment qualified applicants with arrest and conviction records. For Washington-based roles, the base salary hiring range for this position is $230,700 to $351,800. For California-based roles, the base salary hiring range for this position is $251,900 to $384,100.