Square's Security culture is focused on allowing our engineering teams to build secure products. We achieve this by building, and operating state-of-the-art  security alongside our product and infrastructure teams. The Square Security team works with other teams at Square to build world-class products for both customers and employees. Our ultimate goal is to ensure that every experience with Square is simple, secure, and safe.

We are looking for a Security Automation Lead to shape the way we automate security services across the organization. We are looking for an innovative security champion to solve complex security problems and develop a security automation framework. 

You will: 

• Work closely with other architects, developers and operators to achieve a security solution
• Be hands-on and an essential part of the engineering team for a product security automation framework development, evangelism, and maintenance
• Need to be a self-starter, of new technologies and have experience in product security such as secure application design, static code analysis and web/mobile application vulnerabilities.
• Integrate security capabilities with other security pillars including identity access management, data protection, network security and application security
• Advise leadership on Security issues, systems, processes, products, and services

You have: 

• 10+ years experience in a commercial environment using server-side modern programming languages - e.g Node.js/JavaScript, Python, Golang
• 5+ years experience managing Linux applications within a cloud environment (we are currently on AWS but may be adding additional platforms soon)
• 7+ years experience in specializing in security in a technical operations, devops, or SRE team role
• 3+ years relational database experience - specific tech not important, but concepts are
• 3+ years of experience with writing, running and managing containers and container orchestration systems
• 3+ years experience with writing automation tools, and/or working with Infrastructure as Code
• 3+ years managing high traffic, geographically distributed, highly available, production web applications 

 
Technologies we teach:

• Java & Go
• HSMs
• AWS/GCP/Square-owned datacenter
• SPIFFE
• Service Mesh, Envoy
• Lambda, Kubernetes, Docker

• Healthcare coverage
• Retirement Plans
• Employee Stock Purchase Program
• Wellness perks
• Paid parental leave
• Paid time off
• Learning and Development resources