Senior Security Engineer (Product and Platform Security) at Box

Warsaw, Masovian Voivodeship, Poland

Apply Now
Box Logo
Not SpecifiedCompensation
Senior (5 to 8 years)Experience Level
Full TimeJob Type
UnknownVisa
Technology, Content Management, Enterprise SoftwareIndustries

Requirements

  • Strong software development skills in one or more languages (e.g., Python, Go, Java, or TypeScript) and a track record of building production systems
  • Hands-on background in security engineering or DevSecOps—integrating security controls into CI/CD, automating assessments, and improving developer workflows
  • Practical experience with supply chain security concepts and tools (e.g., SLSA, Sigstore, SBOM, artifact signing, provenance, dependency hygiene)
  • Familiarity with application security techniques such as fuzzing, dynamic/static analysis
  • Approach work with a growth mindset and leverage AI to make faster, smarter decisions

Responsibilities

  • Design, build, and operate security automation for the SDLC (e.g., code scanning, dependency risk management, secrets detection, policy-as-code) integrated into CI/CD
  • Develop and maintain software supply chain protections, including SBOM generation/verification, artifact signing/attestation, and provenance enforcement
  • Create programmable “security agents” and backend services that continuously test, fuzz, and validate product and platform components
  • Partner with product and platform engineering to embed security-by-design patterns, drive threat modeling, and land pragmatic guardrails that unblock developers
  • Deliver an MVP within your first quarter in an agreed focus area (e.g., supply chain, fuzzing framework, or SDLC agent), then iterate based on measurable outcomes
  • Use data and telemetry to measure control effectiveness; build dashboards and alerts that turn signals into action
  • Contribute to and/or lead open source efforts that advance our security posture and the broader community
  • Document designs, runbooks, and APIs; mentor engineers and champion secure engineering practices

Skills

Security Engineering
Software Supply Chain Security
SDLC
CI/CD
Infrastructure Security
Automation
AI
Code Security
Risk Detection
Remediation

Box

Cloud-based content management and collaboration solutions

Website

About Box

Box provides cloud-based content management and collaboration solutions that enable businesses to securely manage, share, and collaborate on their content. The platform offers features such as secure file storage, sharing, and collaboration tools, along with advanced functionalities like Box AI for Notes and Box AI for Documents, which utilize artificial intelligence to enhance productivity by providing instant answers and content creation capabilities. Unlike many competitors, Box focuses on a subscription-based model that allows clients to choose tailored pricing plans based on their specific needs, ensuring a good return on investment. The company's goal is to transform how people work together by offering a simple, secure, and efficient way to manage content in the cloud, while fostering a customer-centric approach and encouraging diverse ideas within its workforce.

Redwood City, CaliforniaHeadquarters
2005Year Founded
$548.7MTotal Funding
IPOCompany Stage
Enterprise Software, AI & Machine LearningIndustries
1,001-5,000Employees

Benefits

Health and Wellness
Family Support
Generous Time Off
Financial Benefits
Community
Evolving Workplace

Risks

Box faces strong competition from Amazon, Alphabet, and Microsoft.
Economic downturns may lead to reduced subscription revenue for Box.
AI integration may face data privacy and regulatory compliance challenges.

Differentiation

Box integrates AI to enhance content management and collaboration capabilities.
Box offers tailored solutions for diverse industries, including legal and government sectors.
Box's global presence, especially in APAC, strengthens its market position.

Upsides

Box's AI integration with Microsoft 365 Copilot enhances user experience and data management.
Box's collaboration with Bubo Defense expands its AI capabilities and partnerships.
Box Hubs streamlines enterprise content management with advanced AI technologies.

Related Jobs

Remote
Remote iconRemote

Senior DevSecOps Engineer

Oddball
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
Hundred
Remote iconRemote

Senior Cloud Security Architect (R-00079)

True Zero Technologies
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
United States
Remote iconRemote

Software Engineer, Security

Render
$193,000 - $265,000/year
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
United States
Remote iconRemote

Detection & Response Engineer III - NG-SIEM (Remote)

Crowdstrike
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
California
Remote iconRemote

Sr. DevOps Architect - Cloud Infrastructure & Security (Remote)

Crowdstrike
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years)
United States
Remote iconRemote

Senior Application Security Engineer

M&T Bank
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
Remote
Remote iconRemote

Manager, Security Engineering

GoFundMe
Salary not specified
  • Employment type iconFull Time
  • Experience level iconSenior (5 to 8 years), Expert & Leadership (9+ years)
El Segundo +1 more
Remote iconRemote

Software Engineers, AI Security

Saviynt
Salary not specified

Land your dream remote job 3x faster with AI

Try Jobo Free