The Identity Access Management Services (IAMS) team builds and runs software and services that
- store and manage user identities and access permissions to support authentication and authorization to Box infrastructure
- centrally manage secrets - store, access and distribute secrets like keys, tokens, passwords and certificates
By abstracting away the low-level details of working of identity access and secrets management we seek to provide strong self-serve tooling and systems to address the security and compliances needs.
Why the team needs you
The team is a blend of strong SREs (Site Reliability Engineers) with security focus. We consult with other teams on security-sensitive matter, develop security-related automation and tooling, and advocate to ensure security is prioritized across Box infrastructure.
The candidate will be responsible for the following activities:
- Play a critical role in effectively maintaining and improving the security of our organization’s infrastructure - standard methodologies, security groups, user access
- Work across engineering teams to establish and implement secure practices and procedures in the building of environments and deployment of code
- Implement, configure and manage groundbreaking security tooling of Box infrastructure
- Influence and design current strategies and procedures for securing our environments.
- Perform vulnerability identification and remediation including patch management for IAMS systems
Why Box needs you
Box is growing fast. Real fast. Every business in the world is looking to modernize the way that they work. As the leader in cloud content management, Box is the only company that can help enterprises transform how people work together.... That's where you come in.
Why you need Box
This high impact role will provide you the unique opportunity to architect, build and support the infrastructure and services that define the future of the Box Identity Access Management infrastructure. You will work with cutting-edge technologies alongside some of the best security engineers to allow Box to move fast and scale securely. As a key partner you will have visibility across all of Engineering, Security, Legal and Compliance and the ability to make a direct impact on the entire business.
Who you are
- Understanding of Unix/Linux systems from kernel to shell and beyond, taking in system libraries, file systems and client-server protocols
- Demonstrate understanding of modern Identity & Access Management concepts and best practices: Role Based Access Control (RBAC), User Lifecycle Management, Entitlements, Resources, Provisioning, Access Control, Audit
- You have experience building automations, preferably with Python/Django, Go-Lang
- Demonstrated ability to think critically about operational risks and business practices
- Excellent analytical, problem solving, troubleshooting, and interpersonal skills with a focused attention to detail
- 5+ years of experience in production operations; 3+ years of experience in any identity access management
- A university degree in the field of computer science, IT or Information Security
The fine print
- Experience with REST APIs , SAML, SSO, MFA, Auth Proxy
- Experience with privileged account management solutions like: CyberArk, HashiCorp Vault, BeyondTrust Password Safe, One Identity PAM, CA PAM
- Experience with cloud based identity management and IAM services including AWS, Azure, and Google Cloud
- Must participate in the on-call rotation as owner of the IAMS team services
About Box: Founded in 2005, Box (NYSE:BOX) is transforming the way people and organizations work so they can achieve their greatest ambitions. As the world's leading enterprise software platform for secure content collaboration, Box helps business of all sizes in every industry securely access and manage their critical information in the cloud. Box is headquartered in Redwood City, CA, with offices across the United States, Europe and Asia. To learn more about Box, visit
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.