Senior Software Security Engineer, Infrastructure
- San Francisco, CA, USA
- Employees can work remotely
- Position open to remote: Yes
The Square Security team works with other teams at Square to build world-class products for both customers and employees. Our ultimate goal is to ensure that every single experience with Square is simple, secure, and safe.
Square’s Security Infrastructure engineering team is responsible for some of the company’s most critical, high-SLA systems. Our software protects our customers’ most sensitive data. Our purpose is to identify our ecosystem’s security needs, and to meet those needs in a central and scalable way.
Design, implement, and maintain security-oriented software that makes it easier for non-security engineers to build secure products.
Own the delivery and success of critical payments security, secure storage, service identity, and PKI services.
Collaborate with many teams and functions across Square to make technical, design, strategy, and product decisions.
Act as an internal security subject matter expert, advocating for better security practices throughout Square.
Grow your career in an engaged and innovative engineering community that ships amazing products.
Work in any Square office location, or work remotely in the USA or Canada. Occasional travel may be required.
- Demonstrated success at building secure systems.
- Experience in software architecture and engineering.
- Experience in designing, deploying, and monitoring critical production systems.
- Strong background in applied cryptography.
- Experience with securing cloud platforms.
- Experience with Hardware Security Modules (HSMs).
- Experience with distributed systems.
- Experience with breaking secure systems.
- Experience with PCI security standards (including DSS and PTS).
Some of the technologies we use:
- Java, Go, Ruby
- AWS/GCP/Square-owned datacenter
- Service Mesh, Envoy
- Lambda, Kubernetes, Docker
We’re active contributors to open-source! Some of the projects we developed or maintain include:
Sharkey: a service for managing certificates for use by OpenSSH.
Ghostunnel: TLS proxy with mutual authentication for securing non-TLS services.
Certigo: A utility to examine and validate certificates in a variety of formats.
Certstrap: Tools to bootstrap CAs, certificate requests, and signed certificates.
Beancounter: A scalable Bitcoin balance audit tool.
Subzero: Square's Bitcoin Cold Storage solution.
At Square, we want you to be well and thrive. Our global benefits package includes:
- Healthcare coverage
- Retirement Plans
- Employee Stock Purchase Program
- Wellness perks
- Paid parental leave
- Flexible time off
- Learning and Development resources