Boxed // mobile bulk shopping

Unpack your Potential at Boxed!

Boxed is made up of a vibrant & fun group of engineers, designers, marketers, salespeople, & operations specialists... just to name a few! We work with passion for driving superior value & experience to our customers. Our customers choose to buy from Boxed because we save them time & money, which in turn makes their lives easier. That's where you come in!

We're seeking an experienced Lead AppSec & Cloud Security Engineer to join our technology operations & security team & take ownership & responsibility for the management & monitoring of all Cloud-specific Security initiatives as well as overall technology security preparation & resilience. This role will report to the Head of Information Security. 

You will...

  • Design & develop Google Cloud-specific security policies, standards & procedures
  • Implement & manage application vulnerability assessments automation
  • Conduct application threat modeling & security assessments including penetration testing of web & mobile applications (iOS & Android)
  • Support secure application development practices & a secure development mentality
  • Identify, communicate, & provide targeted remediation of vulnerabilities
  • Develop & update security patterns aligned with security requirements
  • Identify application security requirements for projects
  • Coordinate & collaborate with multiple teams to ensure the confidentiality, integrity, & availability of assets that meets business needs
  • Perform other security-related projects that may be assigned according to skills
  • Be responsible for DevSecOps - integrating security into CI/CD pipelines
  • Be responsible for Automation of security controls & standards.


  • Familiarity with Jenkins based CI/CD Pipelines
  • Familiarity with Google Cloud Policy, Configuration, & Security Management tools
  • Working experience to implement & test automation scripts & setups
  • Familiar with integrating security tools & providing vulnerability assessments
  • Leveraging tools such as Burp Suite Enterprise, Snyk, Lacework, Wiz, OWASP ZAP
  • Understanding of OWASP Top 10 & SANS Top 25 vulnerabilities & how to remediate
  • Working knowledge of using API to interact with web services provided by tools
  • Conduct tool evaluations & build proof of concepts
  • Integrate with reporting tools to provide consolidated view
  • Ability to turn technical standards into working practice
  • Assist in driving consistency & standardization of DevSecOps services across the enterprise
  • Strong Automation, IaaC skills (Terraform)
  • Contribute to security & compliance audits including PCI, ISO-27001, & SOC2
  • Experience using a Log Aggregation Platform
  • Maintain documentation & user guides
  • Knowledge of security within cloud environment, especially around networking, security & administration
  • A motivated & flexible approach to work in a fast-moving, adapting Agile environment
  • Can demonstrate strong performance ethos & personal commitment for outstanding customer service
  • Ability to interface with both technical & non-technical teams
  • Willingness to train & up-skill on a continuous basis
  • Excellent communication, time management & organizational skills.

Benefits & Perks:

  • Working with smart & innovation focused people, within a collegial & collaborative culture
  • Competitive salary
  • Stock options
  • Unlimited vacation
  • Full healthcare benefits 
  • 6 month paid maternity/paternity leave. 

All about these Boxed Boxes!

Boxed was launched in our CEO's garage in 2013 by our four founders, an eclectic group of experienced tech pioneers. They had a simple idea: to make shopping for bulk-sized products easy, convenient & fun. Today, we deliver a first-class e-commerce experience for everyday essentials across the country.

We're a publicly listed company that places technology & innovation at the heart of all that we do. Our technology platform & automated, state-of-the-art fulfillment centers make headlines & our systems utilize machine learning, predictive analytics & other technologies to ensure a delightful B2C & B2B online shopping experience. While technology is at the core of what we do, providing a personalized, thoughtful & seamless shopping experience is at the core of who we are. We value each & every customer & every single order receives a hand-written thank you note.

Currently, all corporate employees are working remotely from home until it is deemed safe to return to our offices by local & state health officials. We have offices located in New York City (NY) and San Mateo (CA), & three fulfillment centers in New Jersey, Nevada & Texas. Fully remote candidates will be considered for certain categories of roles.
