Director of Security Operations and Technology Risk - Boxed New York City, New York, United States Bookmark Share Print 54 0 1

Listing Description

Unpack your Potential at Boxed!

Boxed is made up of a vibrant and fun group of engineers, designers, marketers, salespeople and operations specialists... just to name a few! We work with passion for driving superior value and experience to our customers. Our customers choose to buy from Boxed because we save them time and money, which in turn makes their lives easier. That’s where you come in!

We're seeking an experienced Director of Security Operations and Technology Risk to join our technology leadership function. The Technology Director will be responsible for overseeing the Security Operations and Technology Risk Programs at Boxed, reporting in to the Head of Information Security.  

You will...

  • Conduct risk assessments to enable stakeholders to describe and understand technology risk in both quantitative and qualitative terms

  • Translate the results of risk assessments into roadmaps to drive maturation initiatives and ensure the secure and efficient delivery of Boxed’s technology services

  • Work cross-functionally across technical and non-technical teams to foster appreciation and support for security priorities and initiatives 

  • Continually quantify/assess the effectiveness of security controls and drive necessary improvements

  • Identify, research and evaluate new compliance requirements and ensure they are incorporated into Boxed’s security policy framework

  • Lead, build, retain, and develop a team of information security and technology risk professionals

  • Oversee the identification, validation and remediation of information technology controls required by SOC2, PCI DSS, CCPA, GDPR, and other applicable regulatory compliance frameworks

  • Define, implement and execute a third party security assessment and risk management program. 


  • Bachelor of Science degree in Information Systems, Computer Science, Engineering, Business Administration or other related field (or equivalent work experience).

  • 12+ years of professional experience in technology focused on information security and risk management

  • Knowledge of, and experience in, security requirements, standards and practices including NIST CSF, NIST 800-53, ISO 27001, PCI, SOC2, COBIT, SOX, GDPR, etc.

  • Experience in developing, socializing, and operationalizing security and technology policies, processes, procedures and standards

  • Leadership skills in influencing and managing change

  • Demonstrated track record in successfully managing ambitious, strategic, and operationally complex projects with cross-functional teams

  • Knowledge of and hands-on experience in risk and compliance tools/technologies 

  • Experience partnering with technical and non-technical teams to perform technology risk assessments

  • ServiceNow IRM/GRC and Vendor Risk Assessment implementation experience considered a big plus. 

  • Professional IT Security certifications such as CISSP, CISM, CISA or CRISC preferred. 

Benefits & Perks:

  • Working with smart, positive people, we have a no jerk policy.

  • Competitive salary

  • Stock options

  • Unlimited vacation

  • Full healthcare benefits. 

  • 6 month paid maternity/paternity leave. 

All about these Boxed Boxes!

Boxed was launched in our CEO’s garage in 2013 by our four founders; an eclectic group of experienced tech pioneers. They had a simple idea: to make shopping for bulk-sized products easy, convenient and fun. Today, we deliver a first class e-commerce experience for everyday essentials across the country.

We’re a publicly listed company that places technology and innovation at the heart of all that we do. Our technology platform and automated, state-of-the-art fulfillment centers make headlines and our systems utilize machine learning, predictive analytics and other technologies to ensure a delightful B2C and B2B online shopping experience.  While technology is at the core of what we do, providing a personalized, thoughtful and seamless shopping experience is at the core of who we are. We value each and every customer and every single order receives a hand-written thank you note.

Currently, all corporate employees are working remotely from home until it is deemed safe to return to our offices by local and state health officials. We have offices located in New York City (NY) and San Mateo (CA), and three fulfillment centers in New Jersey, Nevada and Texas. Fully remote candidates will be considered for certain categories of roles.


Listing Details

  • Citizenship: Not Provided
  • Incentives: Not Provided


  • Education: Not Provided
  • Travel: Not Provided
  • Telework: Not Provided

About Us

NinjaJobs is a community-run job platform developed by information security professionals. Our unique approach of focusing strictly on cybersecurity positions allows us to personalize the user experience.

Our Contacts

1765 Greensboro Station Pl.
Suite 900
Tysons Corner Va 22102

(703) 594-7765