Box
Software Engineer III, Identity and Security Foundation
Box, Redwood City, California, United States, 94061
Overview
Box (NYSE:BOX) is the leader in Intelligent Content Management. Our platform enables organizations to fuel collaboration, manage the entire content lifecycle, secure critical content, and transform business workflows with enterprise AI. We help companies thrive in the AI-first era of business. Founded in 2005, Box serves global organizations and is headquartered in Redwood City, CA, with offices across the United States, Europe, and Asia.
By joining Box, you will have the opportunity to continue driving our platform forward. Content powers how we work—the billions of files and information flowing across teams, departments, and key business processes every day: contracts, invoices, employee records, financials, product specs, marketing assets, and more. Our mission is to bring intelligence to the world of content management and empower our customers to transform workflows across their organizations.
Why Box Needs You The Identity and Security Foundation (ISF) team serves as the gatekeeper of Box. Every request to access Box services must be authenticated through one of the systems we manage. We are responsible for all authentication flows at Box—including web, API, microservice-to-microservice, and SSO. Our team governs, architects, and builds the authentication infrastructure that underpins Box’s security.
What You’ll Do
Design, develop, and maintain secure and scalable authentication and authorization systems using technologies like Java, PHP, Docker, and Kubernetes.
Build high-quality microservices focused on security features such as MFA, SSO, OAuth 2.0, OIDC, JWT Auth, token management, scopes and permissions.
Collaborate with cross-functional teams including product managers and other engineers to deliver reliable solutions aligned with business needs.
Contribute to code reviews and help improve team best practices around security standards and software quality.
Troubleshoot production issues related to authentication services; implement fixes while balancing performance and usability.
Participate in architectural discussions by providing input based on hands-on experience with secure web service design.
Mentor junior engineers by sharing knowledge about secure coding patterns and system design principles.
Participate in on-call rotation and be available during on-call shifts to respond to and triage issues that arise.
Who You Are We are an AI-first company. You approach your work with a growth mindset and seek ways to leverage AI to help create faster, smarter decisions that multiply your impact at Box.
Bachelor’s degree in Computer Science or related field—or equivalent practical experience—with strong fundamentals in software development concepts.
3+ years of professional software engineering experience with Java or PHP in production environments.
Solid understanding of modern authentication mechanisms like MFA, SSO, OAuth 2.0 flows, and JWT token management, including scope and permission enforcement.
Experience building RESTful APIs or microservices architectures with emphasis on security best practices.
Ability to collaborate across teams to translate requirements into technical designs that balance security needs with user experience.
Understanding of balancing security concerns with system performance and usability without compromising quality.
Box lives its values, with community and in-person collaboration as a core part of our culture. Boxers are expected to work from their assigned office a minimum of 3 days per week. Your Recruiter will share more about how we work and our culture during the hiring process.
At Box, we believe unique and diverse experiences benefit our culture, our products, our customers, our company, and our world. If you are excited about this role but unsure if you meet all requirements, we encourage you to apply!
Equal Opportunity We are an equal opportunity employer and value diversity. We do not discriminate on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, or other protected grounds. Box provides reasonable accommodations for applicants with disabilities and may adjust scheduling or processes as needed during recruiting.
Details on protection of applicant information and privacy notices are available as part of our recruitment process.
United States Pay Range
$155,500 — $194,500 USD
#LI-DR1
#LI-Hybrid
#J-18808-Ljbffr
By joining Box, you will have the opportunity to continue driving our platform forward. Content powers how we work—the billions of files and information flowing across teams, departments, and key business processes every day: contracts, invoices, employee records, financials, product specs, marketing assets, and more. Our mission is to bring intelligence to the world of content management and empower our customers to transform workflows across their organizations.
Why Box Needs You The Identity and Security Foundation (ISF) team serves as the gatekeeper of Box. Every request to access Box services must be authenticated through one of the systems we manage. We are responsible for all authentication flows at Box—including web, API, microservice-to-microservice, and SSO. Our team governs, architects, and builds the authentication infrastructure that underpins Box’s security.
What You’ll Do
Design, develop, and maintain secure and scalable authentication and authorization systems using technologies like Java, PHP, Docker, and Kubernetes.
Build high-quality microservices focused on security features such as MFA, SSO, OAuth 2.0, OIDC, JWT Auth, token management, scopes and permissions.
Collaborate with cross-functional teams including product managers and other engineers to deliver reliable solutions aligned with business needs.
Contribute to code reviews and help improve team best practices around security standards and software quality.
Troubleshoot production issues related to authentication services; implement fixes while balancing performance and usability.
Participate in architectural discussions by providing input based on hands-on experience with secure web service design.
Mentor junior engineers by sharing knowledge about secure coding patterns and system design principles.
Participate in on-call rotation and be available during on-call shifts to respond to and triage issues that arise.
Who You Are We are an AI-first company. You approach your work with a growth mindset and seek ways to leverage AI to help create faster, smarter decisions that multiply your impact at Box.
Bachelor’s degree in Computer Science or related field—or equivalent practical experience—with strong fundamentals in software development concepts.
3+ years of professional software engineering experience with Java or PHP in production environments.
Solid understanding of modern authentication mechanisms like MFA, SSO, OAuth 2.0 flows, and JWT token management, including scope and permission enforcement.
Experience building RESTful APIs or microservices architectures with emphasis on security best practices.
Ability to collaborate across teams to translate requirements into technical designs that balance security needs with user experience.
Understanding of balancing security concerns with system performance and usability without compromising quality.
Box lives its values, with community and in-person collaboration as a core part of our culture. Boxers are expected to work from their assigned office a minimum of 3 days per week. Your Recruiter will share more about how we work and our culture during the hiring process.
At Box, we believe unique and diverse experiences benefit our culture, our products, our customers, our company, and our world. If you are excited about this role but unsure if you meet all requirements, we encourage you to apply!
Equal Opportunity We are an equal opportunity employer and value diversity. We do not discriminate on race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, or other protected grounds. Box provides reasonable accommodations for applicants with disabilities and may adjust scheduling or processes as needed during recruiting.
Details on protection of applicant information and privacy notices are available as part of our recruitment process.
United States Pay Range
$155,500 — $194,500 USD
#LI-DR1
#LI-Hybrid
#J-18808-Ljbffr