myGwork - LGBTQ+ Business Community
Software Engineer III, Authentication & Security Engineering
myGwork - LGBTQ+ Business Community, Redwood City, California, United States, 94061
Overview
Software Engineer III, Authentication & Security Engineering The Identity and Security Foundation (ISF) team serves as the gatekeeper of Box. Every request to access Box services must be authenticated through one of the systems we manage. We are responsible for all authentication flows at Box—including web, API, microservice-to-microservice, and SSO. Our team governs, architects, and builds the authentication infrastructure that underpins Box’s security. Whether it's scaling systems to handle billions of requests per day, developing new capabilities to deliver seamless security, or reimagining passwords for a multi-device world, we empower Box’s rapid growth. The modern, secure, and reliable services and frameworks we create are critical to realizing Box’s ambitious vision. What You’ll Do
Design, develop, and maintain secure and scalable authentication and authorization systems using technologies like Java, PHP, Docker, and Kubernetes. Build high-quality microservices focused on security features such as MFA, SSO, OAuth2.0, OIDC, JWT Auth, token management, scopes and permissions. Collaborate closely with cross-functional teams including product managers and other engineers to deliver reliable solutions aligned with business needs. Contribute to code reviews and help improve team best practices around security standards and software quality. Troubleshoot production issues related to authentication services; implement fixes while balancing performance and usability. Participate in architectural discussions by providing input based on hands-on experience with secure web service design. Mentor junior engineers by sharing knowledge about secure coding patterns and system design principles. Participate in our on-call rotation, and be available during on-call shifts to respond to and triage any issues that arise. Who You Are
Bachelor’s degree in Computer Science or related field—or equivalent practical experience—with strong fundamentals in software development concepts. You have 3+ years of professional software engineering experience working primarily with Java or PHP in production environments. Solid understanding of modern authentication mechanisms like MFA, SSO, OAuth 2.0 flows, and JWT token management, including scope and permission enforcement. Experience building RESTful APIs or microservices architectures with an emphasis on security best practices. Comfortable collaborating across teams to translate requirements into technical designs that balance security needs with user experience. You understand how to balance security concerns alongside system performance and usability without compromising quality. Box lives its values, with community and in-person collaboration being a core part of our culture. Boxers are expected to work from their assigned office a minimum of 3 days per week. Your Recruiter will share more about how we work and company culture during the hiring process. EQUAL OPPORTUNITY
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation. Box strives to respect the dignity and independence of people with disabilities and is committed to giving them the same opportunity to succeed as all other employees. Inclusiveness is core to our culture at Box, and we strive to ensure you get the most from your interview experience. Box makes reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please complete this form.
#J-18808-Ljbffr
Software Engineer III, Authentication & Security Engineering The Identity and Security Foundation (ISF) team serves as the gatekeeper of Box. Every request to access Box services must be authenticated through one of the systems we manage. We are responsible for all authentication flows at Box—including web, API, microservice-to-microservice, and SSO. Our team governs, architects, and builds the authentication infrastructure that underpins Box’s security. Whether it's scaling systems to handle billions of requests per day, developing new capabilities to deliver seamless security, or reimagining passwords for a multi-device world, we empower Box’s rapid growth. The modern, secure, and reliable services and frameworks we create are critical to realizing Box’s ambitious vision. What You’ll Do
Design, develop, and maintain secure and scalable authentication and authorization systems using technologies like Java, PHP, Docker, and Kubernetes. Build high-quality microservices focused on security features such as MFA, SSO, OAuth2.0, OIDC, JWT Auth, token management, scopes and permissions. Collaborate closely with cross-functional teams including product managers and other engineers to deliver reliable solutions aligned with business needs. Contribute to code reviews and help improve team best practices around security standards and software quality. Troubleshoot production issues related to authentication services; implement fixes while balancing performance and usability. Participate in architectural discussions by providing input based on hands-on experience with secure web service design. Mentor junior engineers by sharing knowledge about secure coding patterns and system design principles. Participate in our on-call rotation, and be available during on-call shifts to respond to and triage any issues that arise. Who You Are
Bachelor’s degree in Computer Science or related field—or equivalent practical experience—with strong fundamentals in software development concepts. You have 3+ years of professional software engineering experience working primarily with Java or PHP in production environments. Solid understanding of modern authentication mechanisms like MFA, SSO, OAuth 2.0 flows, and JWT token management, including scope and permission enforcement. Experience building RESTful APIs or microservices architectures with an emphasis on security best practices. Comfortable collaborating across teams to translate requirements into technical designs that balance security needs with user experience. You understand how to balance security concerns alongside system performance and usability without compromising quality. Box lives its values, with community and in-person collaboration being a core part of our culture. Boxers are expected to work from their assigned office a minimum of 3 days per week. Your Recruiter will share more about how we work and company culture during the hiring process. EQUAL OPPORTUNITY
We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability, and any other protected ground of discrimination under applicable human rights legislation. Box strives to respect the dignity and independence of people with disabilities and is committed to giving them the same opportunity to succeed as all other employees. Inclusiveness is core to our culture at Box, and we strive to ensure you get the most from your interview experience. Box makes reasonable accommodations for applicants with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, please complete this form.
#J-18808-Ljbffr