Threat Operations Security Engineer I

WHAT IS BOX? Box is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organizations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal. By joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers 100,000+ businesses, including many top Fortune 500 companies who trust our secure collaboration platform to manage the entire content lifecycle.  

Why Box Needs You?

Threat Operations is a team within Box’s Global Security Office consisting of Threat Hunting, Threat Detection, Threat Intelligence, and Malware Analysis. The team is an integral part of Box’s corporate and production security program, collaborating with Incident Response and the Red Team regularly.

The Threat Operations Security Engineer will support team by setting up and maintaining cloud assets for the development and extraction of IOCs and ATT&CK techniques from malicious binaries.

The Threat Operations Security Engineer will also work closely with Malware Analysis, Threat Intelligence and Security Engineering to implement automation enhancements on ThreatOps workflows. This role will also work closely with the Shield product team and Malware Analysis to enhance the Box Shield Product.

What You'll Do?

• Setup, configuration and maintenance of cloud assets (AWS)

• Implementation of identity and access management hardening to secure ThreatOps systems

• Implementation of automation to enhance ThreatOps workflows

• Participate in technical working sessions with Malware Analysis, Threat Intel, Detection Engineering

• Develop new tools, templates, and methods as needed to support ThreatOps

• Document processes, procedures, and system setups

• Shifted hours occasionally needed for collaboration with the Global Security Team

Who you are?

• You have 1+ years of experience in the security industry, related internships or as a cloud systems engineer

• You have experience with Linux and system fundamentals, hypervisor & container security (especially in modern cloud environments)

• You have knowledge of Windows and/or Mac system fundamentals

• You have enthusiasm and passion for cyber security

• You possess development skills (for example Python, Terraform, Bash scripting, Micro-service architecture, API testing or fuzzing, etc)

• You have understanding of network protocols (TCP/UDP, SSH, TLS, DNS, DHCP, IPMI, SNMP, etc) and applied cryptography (encryption, signing, certificates, algorithms)

• You have excellent interpersonal and communication skills with a sense of urgency and impatience infused with infectious enthusiasm to drive our vision

• You have strong collaborative skills and ability to work in a diverse global team of security professionals 

• You communicate fluently in English

EQUAL OPPORTUNITY We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation.    For details on how we protect your information when you apply, please see our Personnel Privacy Notice. For more details on how Box Poland protects your information, please see our Supplemental Personnel and Candidate Privacy Notice.    #LI-KS2