Staff Enterprise Security Engineer

Details

• Architect and implement cutting-edge security solutions across critical enterprise domains including endpoint protection, zero trust networking (ZTNA), identity and privileged access management, SaaS security, and AI-enabled systems
• Lead the transformation of Box's security architecture toward a fully realized zero-trust model, encompassing device trust frameworks, identity-centric access controls, and continuous verification mechanisms
• Design security controls that scale with Box's growth while maintaining operational efficiency and user experience
• Pioneer the adoption of AI-augmented security operations, including LLM-based investigative tooling and automated threat analysis
• Identify and implement opportunities to automate security workflows through scripting, infrastructure-as-code, and orchestration platforms
• Develop self-healing security systems that can detect, respond to, and remediate threats with minimal human intervention
• Lead comprehensive security architecture reviews and risk assessments for enterprise infrastructure changes, SaaS application integrations, and data protection initiatives
• Conduct threat modeling exercises for new technologies and business initiatives, ensuring security is embedded from inception
• Develop and maintain security standards and reference architectures that guide enterprise-wide technology decisions
• Create reusable security patterns and templates that accelerate secure deployment of new services
• Contribute to the strategic direction of Box's enterprise security architecture and long-term technology roadmap
• Collaboration & Impact
• Partner closely with Incident Response, IT Operations, Infrastructure, and Engineering teams to mature Box's enterprise security function
• Build and maintain security telemetry, monitoring, and investigative tooling that enhances detection, containment, and response capabilities
• Foster a security-first culture across the organization through education, tooling, and collaborative problem-solving
• Mentor and coach junior engineers, sharing expertise in security architecture, threat modeling, and defensive strategies
• Help raise the technical bar across the team through code reviews, architectural discussions, and knowledge sharing
• Build a culture of continuous learning and innovation within the security engineering team
• Bachelor's or Master's degree in computer science, information security or related field
• 8+ years of experience in corporate/enterprise security engineering (endpoint, network security, cloud security, SaaS security, identity, or a combination)
• Deep expertise in macOS security with solid knowledge of Windows and ChromeOS
• Hands-on experience deploying and operating at scale for a combination of below:
• Device trust and endpoint detection solutions (EDR/XDR)
• ZTNA/zero trust architectures, VPNs and hybrid/in-office deployments
• Identity and access management (IAM/PAM/passwordless authentication)
• CASB/Secure web gateway, SSPM and DLP solutions
• Strong understanding of emerging security challenges: shadow IT, AI & Agentic identities, SaaS-to-SaaS integrations, browser security and data exfiltration paths
• Experience with security automation using Python, Go, or similar languages
• Proficiency with SIEM platforms (Splunk, Elastic, SumoLogic) for log analysis and rule creation
• Experience securing cloud-native and hybrid environments (AWS, GCP, Azure)
• Familiarity with IaC (Terraform), CI/CD pipelines, and DevSecOps practices
• Understanding of AI security risks and experience securing AI-centric deployments
• Exceptional communication skills with ability to translate complex security topics for all audiences
• Proven ability to work independently with high autonomy, manage ambiguity, and recommend secure but risk profiled decisions.