Staff Security Engineer

Box is seeking a Staff Security Engineer to join our Product & Platform Security Engineering team in Warsaw, Poland. This role is integral to our mission of reimagining secure collaboration in the AI-first era, focusing on scaling security measures across our platform and product stack. The successful candidate will collaborate closely with our US-based Assurance & Architecture Engineering teams to enhance our security capabilities.

In this position, you will develop and implement security automation projects, ensuring software supply chain integrity and establishing secure development lifecycle (SDLC) guardrails. Your day-to-day responsibilities will include identifying potential attack vectors, validating them through experimentation, and operationalizing secure product development practices at scale. Additionally, you will work with cross-functional teams to embed security into workflows and tooling, and represent the team both internally and within the broader security community.

The ideal candidate will possess a strong foundation in security engineering, with hands-on experience in areas such as DevSecOps automation, software supply chain security, SDLC controls, fuzzing, or application security tooling. Proficiency in programming languages like Python, Go, Java, or TypeScript is essential, along with a proven track record of building production systems. A builder mindset, coupled with the ability to translate ambiguous risk areas into pragmatic roadmaps and measurable outcomes, is crucial. Excellent communication skills in English and the ability to collaborate across global teams are also required.

Box offers a comprehensive benefits package, including health and wellness programs, professional development opportunities, and a supportive work environment that values community and in-person collaboration. Employees are expected to work from their assigned office a minimum of three days per week, fostering a culture of learning and inclusion.

Joining Box means becoming part of a company that is at the forefront of intelligent content management, empowering organizations to transform workflows with enterprise AI. This role provides the opportunity to make a significant impact on the security of a platform used by millions, while working in a dynamic and inclusive environment that encourages growth and innovation.