Security Incident Response Team Manager - London

London

Applications have closed

Box

Box empowers your teams by making it easy to work with people inside and outside your organization, protect your valuable content, and connect all your apps.

WHAT IS BOX?

Box is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organisations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal.

By joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers over 98,000 businesses, including 70% of the Fortune 500 who trust Box to manage their content in the cloud.

Purpose

Box is continuing its investments in security and is looking for a Security Manager to join our Incident Response Team. In this role, you will be focused on running a highly talented team of security analysts and specialists to defend the Box Corporate and Production network from threats. You'll be tackling security@scale with a good runway to help set the direction of the group. This is not your typical security role!

WHY BOX NEEDS YOU?

Box is scaling at a rapid pace. With innovation and speed come interesting security challenges. Our customers demand world-class security. We need your creativity, technical expertise, and leadership skills to help us tackle these challenges.

Every business in the world is looking to modernize the way that they work. As the leader in cloud content management, Box is the only company positioned to help enterprises transform how people work together. Come help us continue to develop a forward-leaning security posture and an incredible team dedicated to detecting and responding to threats, keeping both Box and our customers safe.

WHY YOU NEED BOX?

Box presents a unique opportunity to be a part of building our global security team at massive scale. We have built a world-class group with some amazing talent and this is a unique opportunity to grow with us. We have the data, we have the corporate support and we're looking to grow. All we need is you!

WHO YOU ARE?

Responsibilities
  • People leadership supporting a great team of security analysts and specialists.
  • Maturing incident response processes.
  • Working across multiple teams including engineering, legal, communications and technical operations.
  • Ensuring logging health, identifying and remediating coverage gaps.
  • Working with our threat intelligence, purple team and detection team to validate and remediate cyber security incidents.
  • Support the Product Security Team by providing analysis of Bug Bounty reports and other product security issues.
  • Building an incident response team roadmap.

General Role Experience - if you're hitting several bullets, please apply:
  • People-oriented role that can align multiple stakeholders of differing disciplines.
  • Experience working with Legal, HR, Compliance, Technical Operations in a SaaS or Large Enterprise Environment
  • Proven track record as a tech lead or people manager with the ability to multi-task
  • Bachelor's degree in a technical, engineering or IT related field or equivalent and 5+ years related experience (bonus points for Master's in a technical field)
  • Industry Recognized Security Certifications like Splunk Certifications, CISSP, GCIA, GCIH, GREM
  • Incident Response and Incident investigation:
      • MacOS Environments
      • Container Security (Docker, Kubernetes)
      • Endpoint Security (CrowdStrike, Endgame, Carbon Black, osquery)
      • Public Cloud Security (AWS, Microsoft Azure, Google Cloud, etc)
      • On-premise IaaS Security (Kubernetes, OpenStack, VMware, Hyper-V, etc)
      • Network IDS/IPS (Bro, Suricata, Snort)
      • Host-level Security using technologies like auditd, osquery, Linux system logs, Windows event logs, etc.
      • Web Application Security (OWASP Top 10)
  • Relentless automation (we have a pretty sweet SOAR platform and have a dedicated automation team).
  • Scripting (Python, bash, zsh, PowerShell, etc)
  • Formal security models like MITRE ATT&CK or CIS Critical Security Controls
  • Security Visualization and defining Security Metrics
  • Advanced experience with Splunk, Splunk Processing Language (SPL), or other query languages
  • Strong written and verbal communication skills 
  • Ability to de-escalate high-pressure situations, synthesize the big picture and communicate rapidly and accurately with both technical and non-technical stakeholders
  • Passionate about supporting, leading and mentoring a team, with a track record of building highly effective teams
  • Experience of setting team OKRs and KPIs
  Nice to have:
  • Experience securing cloud deployments involving AWS, Docker, HashiCorp tools, Kubernetes and Serverless architectures like Lambda
  • Prior work experiences in dev ops, software engineering or sys admin roles
  • Visualization and machine learning experience
  • Prior experience working in a global environment
  • Prior open source contributions

BENEFITS

Box Benefits package includes pension, medical and dental coverage. We have a robust wellness program including 25 days of vacation (plus your birthday off!) and subsidised gym membership. There is such a thing as a free lunch: our in-house chef prepares this daily along with lots of snacks and drinks. EMEA HQ office is located in the impressive White Collar Factory on Old Street (www.whitecollarfactor.com), with European offices in Paris and Munich.

EQUAL OPPORTUNITY

We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, colour, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

For details on how we protect your information when you apply, please see our Personnel Privacy Notice.

Tags: Application security Automation AWS Azure Bash CISSP Cloud Compliance DevOps Docker Endpoint security GCIA GCIH GCP GREM Hyper-V IaaS IDS Incident response IPS Kubernetes Lambda Linux Machine Learning MacOS MITRE ATT&CK Open Source OpenStack OWASP PowerShell Privacy Product security Python SaaS Scripting Snort SOAR Splunk Threat intelligence VMware Windows

Perks/benefits: Career development Fitness / gym Health care Lunch / meals Salary bonus

Region: Europe
Country: United Kingdom