Senior Embedded Security Engineer
- San Francisco, CA
- Employees can work remotely
Square builds common business tools in unconventional ways so more people can start, run, and grow their businesses. When Square started, it was difficult and expensive (or just plain impossible) for some businesses to take credit cards. Square made credit card payments possible for all by turning a mobile phone into a credit card reader. Since then Square has been building an entire business toolkit of both hardware and software products including Square Capital, Square Terminal, Square Payroll, and more. We’re working to find new and better ways to help businesses succeed on their own terms—and we’re looking for people like you to help shape tomorrow at Square.
Embedded Security Engineers specialize in the security concerns surrounding Square’s hardware products, including our readers and custom Android devices like Square Register. Embedded Security Engineers are involved in all areas of hardware development, from design through firmware development and from prototyping through production manufacturing. We are looking for smart, motivated engineers who want to build, refine, and occasionally break amazing things with us.
Design, implement, deploy, and maintain security architectures and countermeasures to protect and enable innovative new Square payment devices
Balance security, compliance, performance, power and cost for a diverse portfolio of embedded devices and the associated manufacturing and backend infrastructure
Evaluate the security of new product designs to determine vulnerability to a wide variety of attack vectors - and subsequently deploy countermeasures that defend against these attacks
Be an internal security subject matter expert, advocating for better security practices throughout Square, and driving product security decision making in a collaborative environment
You have two or more of the following:
Extensive knowledge of firmware and embedded operating system, or mobile operating system (in particular, Android) security principles
Strong understanding of cryptography, protocol design and analysis
Experience in reverse-engineering and exploitation of embedded or mobile systems, and design/development of exploit mitigation techniques
Experience with practical deployment of secure boot implementations, key management, and/or cryptographic architectures for extreme cost- and power-limited solutions
Professional software development experience in C/C++, Ruby, Python, Go and/or Java
At least 8 years of experience in the embedded security area.
Experience taking a hardware product from concept to mass production
Experience in security testing of mobile or embedded systems, including fuzzing or penetration testing
Experience in security code review and vulnerability triaging
Experience in security incident response
Prior project work involving hardware security modules and device provisioning infrastructure
At Square, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)squareup.com. We will treat your request as confidentially as possible. In your email, please include your name and preferred method of contact, and we will respond as soon as possible.
At Square, we want you to be well and thrive. Our global benefits package includes:
- Healthcare coverage
- Retirement Plans
- Employee Stock Purchase Program
- Wellness perks
- Paid parental leave
- Paid time off
- Learning and Development resources