Threat Intelligence Automation Developer (Orchestration)

Salesforce

Remote

Quick summary

Work type
Remote
Location
Seattle, WA · Washington, DC · Mclean, VA · San Francisco, CA
Salary
$117,200–$176,700 / yr
Posted
26 days ago

Market check

Salary context

Below market

How this pay compares to similar roles

Similar $177k
This role $147k
$105k most similar roles pay here $232k

This role pays less than 68% of similar roles. Most pay $142,400–$211,200 — the shaded band above. At the midpoint, this role pays about $147k versus about $177k for comparable roles.

Based on 239 similar postings.

Employer

About Salesforce

Salesforce is the world''s leading customer relationship management (CRM) platform, offering cloud-based software for sales, service, marketing, analytics, and application development. Industry: Enterprise Software & Cloud Computing

Salesforce currently has 86 open roles on FindRole.

Listed pay typically runs $148,500–$260,100 across 77 roles with salary data.

Most-posted roles

View all roles at Salesforce

At a glance

TL;DR · Threat Intelligence Automation Developer (Orchestration)

Apply Now Log in to save

As a Threat Intelligence Automation Developer at Salesforce, you will join the Counter-Threat Operations team in Washington D.C., McLean VA, Seattle WA, or San Francisco CA, focusing on converting adversary data into actionable insights through large-scale automated pipelines. Your daily tasks include architecting and implementing programmatic solutions within SOAR ecosystems to enhance security operations, collaborating with Threat Researchers to automate investigative workflows, and leading the evaluation of new data streams for ingestion and normalization. You will optimize intelligence production cycles by eliminating manual processing burdens and maintaining system context repositories. The role requires advanced Python development skills, experience with SOAR platforms like Palo Alto Cortex XSOAR, and familiarity with AWS and Linux environments. Additional preferred qualifications include expertise in graph modeling, cloud-native automation, and relevant industry certifications.

Skills

Python Bash JavaScript Palo Alto Cortex XSOAR Splunk Phantom Tines Swimlane Vertex Synapse ThreatConnect Anomali MISP RESTful APIs Regex git CI/CD AWS Linux Unix command-line utilities

What you'll do

  • Design and implement automated pipelines for processing adversary data in Threat Intelligence Platforms.
  • Develop cross-platform integrations to enhance security operations at scale within the SOAR ecosystem.
  • Lead initiatives to automate investigative workflows, transforming manual processes into repeatable detection frameworks.
  • Oversee evaluation of new data streams and ensure sophisticated data ingestion and normalization.
  • Optimize intelligence production cycles by eliminating manual processing burdens through automation.

What we're looking for

  • At least three years of experience in cybersecurity, including security engineering or automation workflows.
  • Proficient in Python development and additional skills in Bash and JavaScript for scripting.
  • Experience implementing SOAR platform orchestration using industry-standard tools like Palo Alto Cortex XSOAR.
  • Expertise in normalizing unstructured data via RESTful APIs and regular expressions into structured formats.
  • Technical mastery of version control systems (git) and CI/CD best practices in security engineering workflows.
  • Hands-on experience building and managing solutions on Amazon Web Services (AWS).
  • Operational knowledge of Linux environments and Unix command-line utilities.

Related searches

More Threat Intelligence Automation Developer jobs Threat Intelligence Automation Developer jobs in Seattle Remote Threat Intelligence Automation Developer jobs All jobs at Salesforce

More like this

Similar roles

Cyber Automation Engineer

Booz Allen Hamilton

Beavercreek, OH 30 days ago $69,300$158,000
AWS Azure RESTful APIs Axonius Armis CI/CD Python Shell scripting Docker PostgreSQL MySQL APIs Terraform Kubernetes Prometheus Grafana Ansible Git VMware Windows Linux DoD 8570 IAT Level II Certification
Save

Cyber Automation Engineer

Booz Allen Hamilton

MD 23 days ago $99,000$225,000
Ansible Git RHEL Windows VMware DevSecOps CI/CD Infrastructure as Code (IaC) Configuration as Code (CaC) Docker JSON YAML Python API design Object-oriented principles
Save

Security Automated Response Engineer

Booz Allen Hamilton

Fort Meade, MD 31 days ago $86,900$198,000
Tines Palo Alto XSOAR Splunk Phantom Swimlane ThreatQ OpenCTI Python APIs Docker Kubernetes Git Elastic Stack Splunk AI systems HTML JS CSS
Save

Software Engineer, Intelligence Systems

Anduril Industries

Reston, VA 2 days ago $129,000$171,000
React Angular SQL Server C# TypeScript Java DevOps CI/CD Docker Kubernetes Prometheus Grafana Python PostgreSQL
Save

Cyber Fusion Analyst

Leidos

9358 Undisclosed Dc Customer Site, US 86 days ago $107,900$195,050
MITRE ATT&CK SIEM TIP Splunk Kusto Python AWS Azure O365 Recorded Future VirusTotal Mandiant Advantage CISSP CASP+ CE CEH CySA+ DoD 8570 IAT Level II/III DoD 8570 CSSP Analyst
Hybrid
Save

Cyber Automation Lead

Booz Allen Hamilton

Fayetteville, NC 2 days ago $86,800$198,000
Ansible Terraform Salt Puppet PowerShell Chef Infrastructure as Code AI Machine Learning Zero Trust Security Splunk Enterprise Splunk SOAR Git IaC CI/CD
Save