Box
Staff Security Engineer
Vaga remota de Security com fit claro de localização do candidato.
PublicadaAdicionada recentemente
Países elegíveis37 países aceitos
Sinal de senioridadeLead
Modelo de trabalhoRemoto
Locais aceitos para candidatos
Resumo da vaga
Staff Security Engineer
Requisitos e responsabilidades
Conteúdo da vaga extraído em seções para revisão mais rápida.
Details
- Contribute to a roadmap that scales Box’s security capabilities across platform and product surfaces.
- Ship MVPs and iterate on security automation, including supply chain security, SDLC agents/controls, and developer-first guardrails.
- Partner with Assurance & Architecture Team and cross-functional teams (Product, Platform, Cloud, SRE, Developer Experience) to embed security into workflows and tooling.
- Drive a breaker–builder approach: identify attack paths, validate with experimentation and feedback, and operationalize secure product development at scale.
- Establish clear team operating mechanisms: prioritization, sprint/quarterly planning, metrics, and post-launch learning.
- Define and track KPIs and KRIs that show risk reduction, coverage, and developer experience improvements.
- Represent the team internally and in the community (e.g., open source, meetups), fostering a culture of learning and inclusion.
- Strong security engineering foundation with hands-on familiarity in at least two of: DevSecOps automation, software supply chain security (SBOM, signing, provenance), SDLC controls/agents, fuzzing, or application security tooling.
- Development skills in one or more languages (e.g., Python, Go, Java, or TypeScript) and a track record of building production systems.
- Builder mindset with the ability to turn ambiguous risk areas into pragmatic roadmaps, MVPs, and measurable outcomes.
- Comfortable with a breaker/attacker perspective to uncover weaknesses and a builder mindset to scale defenses through automation.
- Proven cross-functional collaborator who can influence without authority and partner across Product, Engineering, and Cloud/SRE.
- Data-driven decision-maker who defines success with metrics and iterates quickly based on signal.
- Excellent communicator in English; able to align global stakeholders across time zones.
- Preferred skills:
- Experience with SaaS at scale, developer platform/tooling, cloud-native environments, and contributions to open source or security communities.
- Familiarity with common tools or ecosystems (e.g., CI/CD, container registries, policy engines, SAST/DAST, package managers), and modern languages (e.g., Go, Python, Java).
- Experience with SaaS at scale, developer platform/tooling, cloud-native environments, and contributions to open source or security communities.
- Familiarity with common tools or ecosystems (e.g., CI/CD, container registries, policy engines, SAST/DAST, package managers), and modern languages (e.g., Go, Python, Java).
Vagas similares
Mantenha uma lista reserva.
CI/CD, Java 8 países aceitos
Application Security EngineerMorgan StanleyVer vaga Java, Python 8 países aceitos
Application Security Engineer (Tech Lead)Morgan StanleyVer vaga Java, Python 8 países aceitos
Application Security Engineer (Senior)Morgan StanleyVer vaga Python 8 países aceitos
Senior Data ScientistMorgan StanleyVer vaga Stack
Use estas tags para comparar vagas remotas similares.
Elegibilidade de localização
Candidatos devem aplicar apenas quando o país do perfil estiver listado aqui.
Seu perfilPaís não definidoEntre para comparar seu país com esta vaga.
Ver todos os 37 países aceitos
Fluxo de contratação
O WithMira mostra a vaga e depois envia candidatos para a aplicação da empresa.
1Confira fit da vaga, stack e elegibilidade de localização no WithMira.
2Abra a página de aplicação da empresa pelo link rastreado.
3Salve a vaga ou assine oportunidades similares antes de sair.