Sr. Staff Software Engineer, Security Architecture
- Federated identity management
- Session/token lifecycle management
- Security Token Service
- Anomalous behavior / account takeover detection and prevention
- Malware protection
- Content Security Scanning
- Content exfiltration prevention, IP Whitelisting
- Rate Limiter
- Secrets management
- You will collaborate with senior engineering leaders and engineers across organizations and disciplines to guide the end-to-end platform security architecture at Box.
- You will develop security, authentication and authorization frameworks, architectural components and the necessary tooling to help other engineers build scalable, HA services.
- You will work with the engineers of the Product Security and Identity team on a number of the team's areas
- You will provide product, process and architecture thought leadership and evangelize good security practices
- 12+ years of software development experience.
- Designed/implemented Identity & Access Management (IAM) solutions for identity management, identity federation and authenticating/authorizing access to system resources; Experience with identity-related industry standards (e.g. SCIM, Open ID Connect, SAML, JWT, OAUTH) and related technologies to manage identity in distributed, web-scale systems
- Experience designing an end-to-end platform security architecture to secure API call chains in a distributed, highly scalable, highly available multi data center system architecture accessible by 1st, 2nd and 3rd party API consumers
- Experience using security tokens for internal identity representation in a distributed service-oriented architecture
- Familiarity with architecture strategies to achieve high availability for identity management systems in a web-scale, multi data center architecture
- Experience designing application access control solutions using industry access control models (e.g. RBAC, ABAC) and supporting technologies to authorize access to complex user data; Familiarity with industry access control standards (e.g. XACML)
- Experience in a fast paced, highly collaborative environment.
- Demonstrated experience in a SaaS engineering environment.
- Tech blog (http://tech.blog.box.com/)
- Open source projects (http://opensource.box.com/)
- Developer Platform: https://developers.box.com/
Meet Some of Box's Employees
Field Customer Success Manager
Christian works with Box customers post-implementation to ensure they’re successful with their new software—and help them best use the services they subscribe to.
Back to top