Box is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organizations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal.
By joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers over 97,000 businesses, including 70% of the Fortune 500 who trust Box to manage their content in the cloud.
WHY BOX NEEDS YOU
Every business in the world is looking to modernize the way that they work. As the leader in cloud content management, Box is the ideally positioned company to help enterprises transform how people collaborate together. We want to make sure that the developers at Box have the best tools possible to drive that transformation in a secure and efficient way. That's where you come in!
We need a Security Engineer to join the Platform and Cloud Security team aswe aim to build a next generation security program to support the scale and security of Box as we migrate to the cloud.You will use your experience to help drive the resolution of complex security problems, policy improvements, and technical security issues while developing scalable systems to automate detection and remediation.
You'll support and share your knowledge with a wide variety of partners and customers, including Compliance, Legal, Engineering, and Infrastructure, on a team that values input, learning, and professional growth.
WHAT YOU'LL DO
We are focused on various technical areas that support Security efforts at Box. You will focus on one or more of them. Some of those areas are:
Public Cloud Reference Architecture/Policy/Standard
Network Security - Standard/Policy
Container Security - Logging, monitoring and tooling
Security Benchmarking against industry accepted standard
Vulnerability Management - detection/mitigation
In the above areas, you'll be asked to:
Gather metrics to drive data driven decisions within the Global Security Office
Executing and delivering work towards long-term goals and initiatives to support Box's overall security posture
Working closely with Engineering teams and Security Architects to validate the posture of new services and features
Adapting to change and effectively organizing work according to business priorities
The documentation of processes and procedures
Working on software development, building security tools, automation
Perform hands-on threat modeling, risk assessment, and web service security validation
Develop new tools, templates, and methods to help teams across BOX scale securely
Partner with Engineering to build a secure cloud native platform
Provide security expertise for truly massive software projects and cloud service designs for a hybrid cloud model
Learn! Constantly hone your own technical skills and guide others to improve theirs
WHO YOU ARE
You have 1-2 years of experience in the security industry
You can identify owners and drive remediation of critical technical & security concerns
You have an understanding of security endpoint monitoring solutions, the concepts and what it takes to ensure that Box is building secure systems
You have an understanding of best practice security posture and concerns in a SaaS environment
You are collaborative with exceptional interpersonal and communication skills
You are analytical, organized, know how to make a plan and execute it
You have a GitHub profile and hands on experience with Python, Go or similar
You are a self-starter and who can thrive and be successful with minimal supervision
You have hands-on experience with industry-leading security tools (ex: Lacework, Tenable, Carbon Black, etc)
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.