Threat Detection Engineer

WHAT IS BOX? Box is the market leader for Cloud Content Management. Our mission is to power how the world works together. Box is partnering with enterprise organizations to accelerate their digital transformation by creating a single platform for secure content management, collaboration and workflow. We have an amazing opportunity to further establish ourselves as leaders in the space, and we need strong advocates to help us achieve that goal.    By joining Box, you will have the unique opportunity to help capture a majority of this developing market and define what content management looks like for the digital enterprise. Today, Box powers over 99,000 businesses, including 70% of the Fortune 500 who trust Box to manage their content in the cloud.    WHY BOX NEEDS YOU  Every business in the world is looking to modernize the way that they work. As the leader in cloud content management, Box is the only company positioned to help enterprises transform how people work together. Come help us continue to develop a forward-leaning security posture and an incredible team dedicated to detecting and responding to threats, keeping both Box and our customers safe.      WHAT YOU'LL DO 

• Build, test and deploy detection analytics based on research of novel attack techniques and real world threats to Box.
• Work closely with our Incident Response Team to improve the fidelity, context and automation of new and existing alerting.
• Identify and assist service owners with logging configuration to eliminate gaps in logging visibility.
• Work closely with our Offensive Security Team to identify and develop solutions for gaps in detection coverage.

  WHO YOU ARE 

• A Bachelors degree in computer science, cybersecurity, mathematics, data science or related fields, or equivalent work experience.
• 4+ years of experience in a security operations role. 
• You are comfortable (and enjoy!) searching through TB's of data in a SIEM to find interesting patterns (i.e. Splunk, ELK, etc.).
• You are familiar with Splunk Processing Language (SPL) or SQL and want to become a power user.
• You have worked as an incident responder or have partnered closely with an incident response team.
• You are comfortable writing small scripts in python or similar scripting languages.
• You have an understanding of how attackers leverage commonly used Mitre Att&ck techniques and common ways to detect them.

  BENEFITS  Box Benefits package includes pension, medical and dental coverage. We have a robust wellness program including 25 days of vacation (plus your birthday off!) and subsidized gym membership. There is such a thing as a free lunch, our in-house chef prepares this daily along with lots of snacks and drinks. EMEA HQ office is located in the impressive White Collar Factory on Old Street; www.whitecollarfactor.com, European offices in Paris and Munich.   EQUAL OPPORTUNITY  We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.   For details on how we protect your information when you apply, please see our Personnel Privacy Notice.   #LI-EMEA