Product Security Incident Response Analyst II
Austin, TX
Box
Box empowers your teams by making it easy to work with people inside and outside your organization, protect your valuable content, and connect all your apps.
WHAT IS BOX?
Box is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organizations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal.
By joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers over 97,000 businesses, including 70% of the Fortune 500 who trust Box to manage their content in the cloud.
WHY BOX NEEDS YOU
Box is growing fast. Real fast. Every business in the world is looking to modernize the way that they work. As the leader in cloud content management, Box is the ideally positioned company to help enterprises transform how people collaborate together. We want to make sure that the developers at Box have the best tools possible to drive that transformation in a secure and efficient way. That's where you come in!
You'll also get to learn about supporting compliance, legal, and internal infrastructure efforts as we are often domain experts for them. You'll get to work with a wide variety of partners and customers on a team that values input and learning.
WHAT YOU'LL DO
Box's Product Security Incident Response Team (PSIRT) is responsible for managing Box's product related security incidents. Box's PSIRT is a global team who responds to abuse events and those who attempt to use Box for malicious means. We need a PSIRT Analyst to join the Trust Office and assist with investigations, security incidents, vulnerability findings and recommendations for improving Box's product security. In addition, we need you to help the team better understand your areas of expertise and interest, and to share your knowledge in a collaborative environment that focuses on enabling the team to share their unique skills and perspectives.
We are focused on various abuse events that support Security efforts at Box. Some of those areas are:
- Publicly shared malware
- Phishing
- Disposable email address detection
- Credential stuffing
- Bug bounty and/or vulnerability discovery program findings and response
- Investigating and responding to abuse events and vulnerabilities found within Box's product
- Gathering metrics to drive data driven decisions within the Trust Office
- Executing and delivering work towards long-term goals and initiatives to support Box's overall security posture
- Working closely with the Security Incident Response Team (SIRT) and Product teams to make suggestions to improve Box's security
- Adapting to change and effectively organizing work according to business priorities
- The documentation of process and procedures
- You have 1-2 years of experience in the security industry or similar background
- You have experience working with a variety of cyber security related tools (Splunk, Burp Suite, etc.)
- You have experience working with automation teams or performing automation yourself
- You can perform analysis of large amounts of data and can come to logical conclusions involving that data
- You work well with the unpredictable, ever changing threat landscape that exists in cybersecurity
- You can perform independently to collect data, perform analysis, and research findings to determine if abuse or exploitation occurred
- You are collaborative with exceptional interpersonal and communication skills
- You are analytical, organized, know how to make a plan and execute it
- You're comfortable briefing executives on abuse events and discussing these concerns with customers
- You ideally have some type of customer service experience
BENEFITS
- Visit this webpage to check out all of our exciting benefits: https://join.collectivehealth.com/box
Tags: Automation Burp Suite Cloud Compliance Incident response Malware Privacy Product security PSIRT Splunk Vulnerabilities
Perks/benefits: Career development Team events
Region:
North America
Country:
United States
Job stats:
6
2
0
Categories:
Analyst Jobs
Incident Response Jobs
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Ethical hacker / Pentester H/F jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Architect jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open SaaS-related jobs
- Open Analytics-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs