Senior Infrastructure Security Engineer (Build Systems & Software Supply Chain Security)
- Atlanta, GA
- Employees can work remotely
- Alternate Location: Toronto, Canada
Square’s Information Security culture is focused on enabling our engineering teams to build and ship secure products. We achieve this by designing, building, and deploying state of the art security alongside our product and infrastructure teams.
The Software Supply Chain Security team, within Infrastructure Security, is focused on ensuring that the code Square ships is as secure as possible. We blend third-party tooling with in-house systems to improve the security of many types of code including backend, frontend, infrastructure, and mobile.
Harden Square’s build systems and overall software supply chain by designing, architecting and building security services. Your work leading the implementation of security systems will have a broad impact across Square’s software development organization, securing the critical systems for delivering our products.
Partner with groups across the company to secure multiple different CI and build systems (notably for web apps, mobile apps, hardware, etc) and programming languages.
Collaborate with software engineers across the company to implement solutions that “grease the wheels” of security best practices from commit to artifact
Work remotely or in any Square office location in the USA or Canada. Occasional travel may be required for team offsites after the pandemic. SSCS is a fully distributed team.
6+ years total experience in tech, with at least 3 years of experience in security
You work well cross-functionally, and can communicate with audiences who may not have a security background.
You have worked both in information security (Application Security, Detection/Response, Blue Team, Red Team, etc), and at least one other discipline such as systems, software engineering, test, etc.
You have experience securing multiple different build & CI systems and have interest in or experience with build attestation systems. You are also familiar with the software development process and have worked closely with engineers.
You are familiar with at least one cloud platform (AWS, GCP, etc) or on-prem infrastructure deployments.
You have experience writing code to solve security issues. This could be writing security tools, integrating security into products, or automation/management of security-sensitive environments.
Interest in Software Supply Chain Security (no experience required)
Technologies We Use & Teach:
Ruby and Rails
Jenkins, BuildKite, TravisCI
AWS, GCP & on-Prem infrastructure
Grafeas, build attestation systems, and other tools pertinent to Software Supply Chain Security
We’re working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. Square is a proud equal opportunity employer. We work hard to evaluate all employees and job applicants consistently, without regard to race, color, religion, gender, national origin, age, disability, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.
We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible.
Additionally, we consider qualified applicants with criminal histories for employment on our team, and always assess candidates on an individualized basis.
At Square, we want you to be well and thrive. Our global benefits package includes:
- Healthcare coverage
- Retirement Plans
- Employee Stock Purchase Program
- Wellness perks
- Paid parental leave
- Paid time off
- Learning and Development resources
Square, Inc. (NYSE: SQ) builds tools to empower businesses and individuals to participate in the economy. Sellers use Square to reach buyers online and in person, manage their business, and access financing. Individuals use Cash App to spend, send, store, and invest money. And TIDAL is a global music and entertainment platform that expands Square's purpose of economic empowerment to artists. Square, Inc. has offices in the United States, Canada, Japan, Australia, Ireland, Spain, Norway, and the UK.