Back to all jobs

Sr. Data Security Engineer


Dec 06

Box is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organizations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal. 
By joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers over 97,000 businesses, including 70% of the Fortune 500 who trust Box to manage their content in the cloud. 
As Box continues to grow at an exponential rate, the pace of change that we are building into our platform could easily outpace the traditional ways that security organizations are setup. Security Engineering at Box is part of a new and more modern approach to security, covering the full spectrum of Build, Attack, and Defend and working closely with our engineering partners to incorporate security into the DNA of everything that we do.
As part of our team, you'll be securing an environment that processes hundreds of billions of events per week, ingests hundreds of terabytes of data per week, and handles tens of thousands of database queries per month.
We are looking for a seasoned data security engineer to join as a core and founding member of this new team and focus on solving complex Security Engineering challenges, challenges that will only grow as Box hits exabyte scale.  This role will directly impact the experience of Box’s 85 million users and Box’s ability to scale profitably as we grow. 
If you...  
  • Are looking for an opportunity to be a founding member of a team taking a modern approach to security
  • Are excited by an opportunity to secure the Box platform against ongoing external threats
  • Are passionate about security challenges related to building and operating large enterprise production at scale  
  • Encourage innovation 
  • Love to get close to the technology  
  • Enjoy mentoring and coaching
  • Design and implement security capabilities covering key management, encryption, de-anonymization, data masking, tokenization, auditing and governance
  • Build authorization frameworks to provide fine grained and data centric access controls
  • Design and develop solutions to secure communication and data sharing in a globally distributed service 
  • Provide security expertise and guidance on metadata management, data tagging, and security focused data analytics 
  • Perform hands-on threat modeling, risk assessment, and data security validation 
  • Design and develop mechanisms to provide safety and security for advanced database features like cloning, replication, data sharing, procedure execution 
  • Lead security awareness and training with other engineering teams to foster a culture of security on every team 
  • Support and grow a high performing organization that is building the services that stop attackers and help drive preventative measures throughout Box's systems and production environment
  • 5+ years of experience designing and building data and storage systems at an enterprise scale 
  • 5+ years of industry experience developing and implementing fundamental security features and solutions with data and storage systems using their knowledge of industry standard security frameworks such as CIS, NIST, ISO, SOC2, etc. 
  • Extremely strong fundamental computer science skills and experience working with MySQL, HBase, Hadoop, and Bigtable 
  • Experience working within cloud security architecture (GCP/AWS) 
  • Hands on experience with Cloud Access Security Broker (CASB), and Data Activity Monitoring 
  • Excellent interpersonal skills, whether writing an email, explaining technical details to a colleague, or presenting to a room full of engineers, as well as broad experience engaging with the customers
  • Expertise in securing data using methods such as: encryption, IAM, secrets management
  • Experience hardening protections at the endpoint where access to services must be authenticated, authorized, and encrypted instead of solely relying on the protections at the network perimeter

Visit this webpage to check out all of our exciting benefits:

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
For details on how we protect your information when you apply, please see our Personnel Privacy Notice.