Informacje o stanowisku

Box is the world’s leading Content Cloud. We are trusted by more than 115K organizations around the world today, including nearly 70% of the Fortune 500 and leaders across deeply regulated industries (such as AstraZeneca, JLL, and Nationwide), to protect their data, fuel collaboration, and power critical workflows with secure, enterprise AI.

By joining Box, you will have the unique opportunity to continue driving our platform forward. Content powers how we work. It’s the billions of files and information flowing across teams, departments, and key business processes every single day: contracts, invoices, employee records, financials, product specs, marketing assets, and more. Our mission is to bring intelligence to the world of content management and empower our customers to completely transform workflows across their organizations. With the combination of AI and enterprise content, the opportunity has never been greater to transform how the world works together and at Box you will be on the front lines of this massive shift.

Founded in 2005, Box is headquartered in Redwood City, CA, and we have offices across the United States, Europe, and Asia.

WHY BOX NEEDS YOU

Box is looking for a security tooling engineer who has worked to onboard, deploy and optimize infrastructure security tools. This engineer understands various automated scanning methodologies. This person will onboard, optimize and automate testing solutions that scale the identification of security vulnerabilities, misconfigurations, malicious activity and anti-patterns with high quality output.

WHAT YOULL DO

1. Implement and automate data-driven enhancement strategies for run-time vulnerability scanning and monitoring for compute and container workloads, including troubleshooting and continuous process improvement.
2. Research, evaluate and implement new cloud-based security technologies and tools.
3. Work closely with engineering, SRE teams and other engineering groups on implementing new solutions.
4. Provide vulnerability risk and remediation analysis.
5. Deliver designs, analysis, architecture and automation to improve risk posture and to secure Box infrastructure and processes.
6. Implement automation of security scanning and monitoring across development processes and tools.
7. Support and grow a high performing organization that is building the services that reduce attack surface and help drive preventative measures throughout Boxs systems and production environment.
8. Participate in on-call rotation.
9. Occasionally shift hours needed for collaboration with the Global Security and Engineering Teams.

WHO YOU ARE

1. At least 2-3 years in a DevOps, System Engineer or SysAdmin role; Security experience a plus.
2. Demonstrated interest in the InfoSec field (ISC2 CC, Security+, GCP Professional Cloud Security Engineer, AWS Certified Security Specialty, etc.).
3. Experience in aligning system and tooling configurations to security and/or compliance controls.
4. Knowledge of the security aspects of VMs, containers and Kubernetes.
5. Previous experience in deploying hardening protections at the endpoint.
6. Experience in writing automations in at least one object-oriented programming language including Python, Bash, Golang or JavaScript.
7. Working knowledge in at least one major cloud platform (AWS, GCP, Azure), GCP preferred.
8. Experience in containerizing tools and applications.
9. Demonstrated experience in configuring cloud applications, services and distributed systems.
10. Experience with high-availability operations management, including deployment automation, patching and rollback strategies.
11. Demonstrated creative, critical and independent thinking capabilities and troubleshooting skills.
12. Proficient in thoroughly documenting work and designs.
13. Passionate about engineering perfection, performance, and quality.
14. Enthusiasm for new technologies and growth.
15. Openness to a hybrid working mode with 2-3 days of in-office collaboration weekly.

Box lives its values, with community and in-person collaboration being a core part of our culture. Boxers are expected to work from their assigned office a minimum of 2 days per week, with a focus on Tuesdays and Thursdays. Your Recruiter will share more about how we work and company culture during the hiring process.

EQUAL OPPORTUNITY

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation.

Warszawa - Oferty pracy w okolicznych lokalizacjach