We believe everyone should be able to participate and thrive in the economy. So we’re building tools that make commerce easier and more accessible to all. We started with a little white credit card reader but haven’t stopped there. Our new reader helps our sellers accept chip cards and NFC payments, and our Cash app lets people pay each other back instantly. We’re empowering the independent electrician to send invoices, setting up the favorite food truck with a delivery option, helping the ice cream shop pay its employees, and giving the burgeoning coffee chain capital for a second, third, and fourth location. Let’s shorten the distance between having an idea and making a living from it. We’re here to help sellers of all sizes start, run, and grow their business—and helping them grow their business is good business for everyone.

Square’s Information Security culture is focused on enabling our engineering teams build and ship products. We work to achieve this by designing, building, and deploying state of the art security features alongside our product teams.

Mobile Security Engineers specialize in the security concerns surrounding Square's applications that run on consumer mobile platforms, as well as for the kernel and above in our custom Android distribution.  You will work on systems-level remote attestation software that ensures that our low-level software is stable and reliable enough to run safely on many millions of business-critical devices and that our detection methods scale.

You will:

• Design, implement, deploy, and maintain security protections for a diverse portfolio of mobile payment products
• Maintain knowledge of state of the art attacks against consumer mobile platforms, including using reverse engineering to understand and mitigate new techniques
• Analyze device telemetry data to detect attacks and identify anomalies
• Devise innovative solutions to security problems that are typically considered unsolvable in the payments industry - because solving them empowers our customers to participate in the economy

Must have:

• Strong understanding of low-level exploitation and mitigation techniques
• Comfort with reverse engineering on ARM or x86 platforms
• Ability to communicate clearly and concisely about deeply technical topics
• Professional software development experience in C, as well as ruby or python

Even Better:

• Demonstrated experience attacking or defending iOS/macOS or Android platforms
• Significant experience developing security products from concept through deployment, including automated validation of both functional and security requirements
• Previously discovered critical vulnerabilities in consumer mobile devices, applications, or operating systems
• Track record of defensive projects or improvements to existing systems in the mobile or embedded space

At Square, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance.