Sr. Staff Software Engineer, Security Architecture
- Federated identity management, authentication and authorization
- Anomalous behavior / account takeover detection and prevention
- Malware protection, Content Security Scanning, Content exfiltration prevention
- Secrets management
- You will collaborate with senior engineering leaders and engineers across organizations and disciplines to guide the end-to-end platform security architecture at Box.
- You will architect security, authentication and authorization frameworks, components and the necessary tooling to help other engineers build scalable, HA services.
- You will work with the engineers of the Product Security and Identity team on a number of the team's areas
- You will provide product, process and architecture thought leadership and evangelize good security practices
- You'll help us figure out effective tenant isolation, storage encryption, network segmentation
- 12+ years of software development experience.
- Designed/implemented Identity & Access Management (IAM) solutions for identity management, identity federation and authenticating/authorizing access to system resources; Experience with identity-related industry standards (e.g. SCIM, Open ID Connect, SAML, JWT, OAUTH) and related technologies to manage identity in distributed, web-scale systems
- Experience designing an end-to-end platform security architecture to secure API call chains in a distributed, highly scalable, highly available multi data center system architecture accessible by 1st, 2nd and 3rd party API consumers
- Experience using security tokens for internal identity representation in a distributed service-oriented architecture
- Familiarity with architecture strategies to achieve high availability for identity management systems in a web-scale, multi data center architecture
- Experience designing application access control solutions using industry access control models (e.g. RBAC, ABAC) and supporting technologies to authorize access to complex user data; Familiarity with industry access control standards (e.g. XACML)
- Experience making tradeoffs between product velocity and overall security, as well as ability to line up the organization behind these
- Experience in a fast paced, highly collaborative environment.
- Demonstrated experience in a SaaS engineering environment.
Meet Some of Box's Employees
Outbound Business Representative
Ryan works with federal, state, and local government agencies to help them integrate Box’s secure storage system so that they can more efficiently achieve their goals.
Back to top