Staff Security Engineer

Box Inc Deutschland

💵 $174k-$217k
📍 Remote - United States

Summary

Join Box's Threat Operations team as a Staff Security Engineer. You will be a hands-on technical expert responsible for hunting, creating, testing, and tuning automated threat detections. Collaborate with Security Operations, IT, and Engineering teams to identify and remediate detection and logging gaps. Work with the Threat Intelligence Team to prioritize threat behaviors and build detections. This role requires a Bachelor's degree or equivalent experience, 8+ years in security operations, and proficiency in data analysis, scripting, and security technologies. Box offers a collaborative work environment with a minimum of two days per week in the office.

Requirements

  • A Bachelor's degree in computer science, cybersecurity, mathematics, data science or related fields, or equivalent work experience
  • 8+ years of experience in a security operations role (incident response, threat detection, threat hunting)
  • You are comfortable (and enjoy!) searching through TBs of data in a SIEM (e.g. Splunk, ELK, etc.) to find interesting patterns
  • You are familiar with Splunk Processing Language (SPL) or SQL and want to become a power user
  • You have worked as an incident responder or have partnered closely with an incident response team
  • You are comfortable writing small scripts in Python or similar scripting languages
  • You have an understanding of how attackers leverage commonly used MITRE ATT&CK techniques and common ways to detect them
  • You have experience using and reviewing logs from various operating systems (macOS, Linux, Windows) and cloud infrastructures (GCP, AWS, Azure, etc.)

Responsibilities

  • Build, test and deploy detection analytics based on research of novel attack techniques and real-world threats to Box
  • Work closely with our Incident Response Teams to improve the fidelity, context and automation of new and existing alerting
  • Identify and assist service owners with logging configuration to eliminate gaps in logging visibility
  • Work closely with our Red Team to identify and develop solutions for gaps in detection coverage
  • Participate in Purple Team exercises to improve and validate detections
  • Work closely with our Intelligence Team to focus detection efforts on prioritized threat behaviors
  • Participate in after-hours on-call rotation when required

Preferred Qualifications

Head-over-heels about this role - but not sure you meet all the requirements? Apply anyway!

Benefits

  • Equity
  • Benefits
