Signals Development and Response Analyst
- San Francisco, CA
We believe the economy is better when everyone has access. When everyone has room to grow. No one should be left out because the cost is too great or the technology too complex. We started with a little white credit card reader but haven’t stopped there. We’re empowering the independent electrician to send invoices, setting up the favorite food truck with a delivery option, helping the ice cream shop pay its employees, and giving the burgeoning coffee chain capital for a second, third, and fourth location. We’re here to help sellers of all sizes start, run, and grow their business—and helping them grow their business is good business for everyone.
The Square Security team works to ensure the security of every transaction from dip to receipt and beyond. We strive to provide a secure environment that allows Square to build world-class products for both customers and employees. Our ultimate goal is to ensure that every single experience with Square is simple, secure, and safe.
The Detection and Response Engineering team contributes to the overall mission through systems hardening, intrusion detection, and incident response. We are an engineering-focused team and use an attack-driven defensive approach to prioritize our preventive controls, detective controls, and response program based on real-world attacker behaviors. We automate the detection of, and response to, attack techniques, proactively hunt for threats in the environment, and are responsible for incident response. Additionally, we provide subject matter expertise to infrastructure and product teams to create and enforce policies that strive to harden our assets against attacks and improve our ability to generate strong signals.
As a Signals Development and Response Analyst:
Actively monitor, analyze and correlate activity, evaluate security incidents, perform research and provide in-depth incident analysis.
Instrument and monitor clients, servers and networks to detect malicious behavior.
Improve and automate internal capabilities for identifying, investigating, and responding to security events.
Develop signals to identify suspicious activities across all of Square’s properties.
Investigate suspicious activities and leverage tactical and technical capabilities to eradicate threats.
Assist in the implementation of domain-specific best practices for preventive controls.
Manually hunt for malicious activity and provide a feedback loop to signal development.
5+ years of related experience.
Demonstrated relevant experience as a key member of a detection and response team.
Strong security knowledge in at least one of the following domains: AWS, Google Cloud Platform, Linux, macOS, Windows.
Ability to work independently and lead projects and initiatives.
Scripting experience (e.g. Ruby, Python, shell scripting).
At Square, our purpose is to empower – within and outside of our walls. In order to build the best tools for the businesses and customers we support all over the world, we have to start at home with a workforce as diverse and empowered as our sellers. To this end, we take great care to evaluate all employees and job applicants equally, based on merit, competence, and qualifications. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, disability status, or any other characteristic protected by law. We encourage candidates from all backgrounds to apply and always consider qualified applicants with arrest and conviction records, in accordance with the San Francisco Fair Chance Ordinance. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)squareup.com. We will treat your request as confidentially as possible. In your email, please include your name and preferred method of contact, and we will respond as soon as possible.