Embedded Security Engineer
- Full-time
Company Description
Job Description
Embedded Security Engineers specialize in the security concerns surrounding Square’s hardware products, including our readers and custom Android devices like Square Register. Embedded Security Engineers are involved in all areas of hardware development, from design through firmware development and from prototyping through production manufacturing. We are looking for smart, motivated engineers who want to build, refine, and occasionally break amazing things with us.
You will:
Design, implement, deploy, and maintain security architectures and countermeasures to protect and enable innovative new Square payment devices
Balance security, compliance, performance, power and cost for a diverse portfolio of embedded devices and the associated manufacturing and backend infrastructure
Evaluate the security of new product designs to determine vulnerability to a wide variety of attack vectors - and subsequently deploy countermeasures that defend against these attacks
Be an internal security subject matter expert, advocating for better security practices throughout Square, and driving product security decision making in a collaborative environment
Qualifications
You have two or more of the following:
Extensive knowledge of firmware and embedded operating system, or mobile operating system (in particular, Android) security principles
Strong understanding of cryptography, protocol design and analysis
Experience in reverse-engineering and exploitation of embedded or mobile systems, and design/development of exploit mitigation techniques
Experience with practical deployment of secure boot implementations, key management, and/or cryptographic architectures for extreme cost- and power-limited solutions
Professional software development experience in C/C++, Ruby, Python, Go and/or Java
At least 3 years of experience in the embedded security area.
Even Better:
Experience taking a hardware product from concept to mass production
Experience in security testing of mobile or embedded systems, including fuzzing or penetration testing
Experience in security code review and vulnerability triaging
Experience in security incident response
Prior project work involving hardware security modules and device provisioning infrastructure
Additional Information
Perks
At Square, we want you to be well and thrive. Our global benefits package includes:
- Healthcare coverage
- Retirement Plans
- Employee Stock Purchase Program
- Wellness perks
- Paid parental leave
- Paid time off
- Learning and Development resources