Box is the world’s leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500 and leaders across deeply regulated industries (such as AstraZeneca, JLL, and Nationwide), to protect their data, fuel collaboration, and power critical workflows with secure, enterprise AI.

By joining Box, you will have the unique opportunity to continue driving our platform forward. Content powers how we work. It’s the billions of files and information flowing across teams, departments, and key business processes every single day: contracts, invoices, employee records, financials, product specs, marketing assets, and more. Our mission is to bring intelligence to the world of content management and empower our customers to completely transform workflows across their organizations. With the combination of AI and enterprise content, the opportunity has never been greater to transform how the world works together and at Box you will be on the front lines of this massive shift.

Founded in 2005, Box is headquartered in Redwood City, CA, and we have offices across the United States, Europe, and Asia.

Box is looking for a security tooling engineer who has worked to onboard, deploy and optimize infrastructure security tools. This engineer understands various automated scanning methodologies. This person will onboard, optimize and automate testing solutions that scale the identification of security vulnerabilities, misconfigurations, malicious activity and anti-patterns with high quality output.
  • Implement and automate data-driven enhancement strategies for run-time vulnerability scanning and monitoring for compute and container workloads, including troubleshooting and continuous process improvement.
  • You will research, evaluate and implement new cloud-based security technologies and tools
  • You will work closely with engineering, SRE teams and other engineering groups on implementing new solutions
  • Provide vulnerability risk and remediation analysis
  • You will deliver designs, analysis, architecture and automation to improve risk posture and to secure Box infrastructure and processes
  • Implement automation of security scanning and monitoring across development processes and tools
  • Support and grow a high performing organization that is building the services that reduce attack surfaceand help drive preventative measures throughout Box's systems and production environment
  • Will be a part of on-call rotation
  • Shifted hours occasionally needed for collaboration with the Global Security and Engineering Teams
  • At least 2-3 years in a DevOps, System Engineer or SysAdmin role, Security experience a plus
  • Demonstrated interest in the InfoSec field (ISC2 CC, Security+, GCP Professional Cloud Security Engineer, AWS Certified Security Specialty, etc)
  • Experience in aligning system and tooling configurations to security and/or compliance controls
  • Can demonstrate knowledge of the security aspects of VMs, containers and Kubernetes
  • Previous experience in deploying hardening protections at the endpoint
  • Experience in writing automations in at least one object-oriented programming language including python, bash, golang or JS.
  • Working knowledge in at least one major cloud platform (AWS, GCP, Azure), GCP preferred
  • Experience in containerizing tools and applications
  • Demonstrated experience in configuring cloud applications, services and distributed systems
  • Experience with high-availability operations management, including deployment automation, patching and rollback strategies
  • Demonstrated creative, critical and independent thinking capabilities and troubleshooting skills
  • Proficient in thoroughly documenting work and designs
  • Can demonstrate knowledge of the security aspects of VMs, containers and Kubernetes
  • Previous experience in deploying hardening protections at the endpoint
  • Passionate about engineering perfection, performance, and quality
  • Enthusiasm for new technologies and growth
  • Openness to a hybrid working mode with 2-3 days of in-office collaboration weekly

Box lives its values, with community and in-person collaboration being a core part of our culture. Boxers are expected to work from their assigned office a minimum of 2 days per week, with a focus on Tuesdays and Thursdays. Your Recruiter will share more about how we work and company culture during the hiring process.

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation. 
For details on how we protect your information when you apply, please see our Personnel Privacy Notice.
For more details on how Box Poland protects your information, please see our Supplemental Personnel and Candidate Privacy Notice

Apply for this Job

* Required

resume chosen  
(File types: pdf, doc, docx, txt, rtf)
cover_letter chosen  
(File types: pdf, doc, docx, txt, rtf)

Enter the verification code sent to to confirm you are not a robot, then submit your application.

This application was flagged as potential bot traffic. To resubmit your application, turn off any VPNs, clear the browser's cache and cookies, or try another browser. If you still can't submit it, contact our support team through the help center.