Related skills
java python kubernetes go typescript📋 Description
- Design, build, and operate security automation for the SDLC in CI/CD.
- Develop and maintain software supply chain protections: SBOM, artifact signing, attestation.
- Create programmable security agents and backend services to test and validate components.
- Partner with product and platform engineering to embed security-by-design patterns.
- Deliver an MVP within the first quarter with measurable outcomes.
- Use telemetry to measure control effectiveness and trigger actions.
🎯 Requirements
- Strong software development skills in Python, Go, Java, or TypeScript.
- Hands-on security engineering or DevSecOps—integrating security into CI/CD.
- Practical experience with SLSA, Sigstore, SBOM, artifact signing, provenance.
- Familiarity with fuzzing, dynamic/static analysis, or runtime testing.
- Comfortable designing and operating cloud-native services (AWS, GCP) and build systems, Docker, Kubernetes.
- Builder–breaker mindset; strong collaboration and ability to write design docs and align cross-functionally.
🎁 Benefits
- Overview of Life at Box: https://careers.box.com/en/life-at-box/
- Hybrid work model; minimum 3 days in the office per week.
- Equal opportunity employer.
- Privacy notices and data protection information available to applicants.
Meet JobCopilot: Your Personal AI Job Hunter
Automatically Apply to Engineering Jobs. Just set your
preferences and Job Copilot will do the rest — finding, filtering, and applying while you focus on what matters.
Help us maintain the quality of jobs posted on Empllo!
Is this position not a remote job?
Let us know!