Security Compliance Manager, Payments

  • Full-time
  • Current Square Employee?: Apply via go/jobs with your Square email.

Company Description

Square builds common business tools in unconventional ways so more people can start, run, and grow their businesses. When Square started, it was difficult and expensive (or just plain impossible) for some businesses to take credit cards. Square made credit card payments possible for all by turning a mobile phone into a credit card reader. Since then Square has been building an entire business toolkit of both hardware and software products including Square Capital, Square Terminal, Square Payroll, and more. We’re working to find new and better ways to help businesses succeed on their own terms—and we’re looking for people like you to help shape tomorrow at Square.

Job Description

The Data Security Governance team is looking for a Security Compliance Manager to focus on Regulatory Compliance for all of Square’s payments services including Cash App and Square Capital. 

The Data Security Governance team oversees: 

  • Compliance efforts and audit activities for regulatory compliance obligations such as PCI DSS, SSAE18, ISO 27001, SEC, FFIEC, FINRA and related internal control reviews

  • Regulatory risk management and consultation to product, sales, legal, and operations teams to support our existing products and new projects

  • Launch of products by creating technical security specifications that address compliance requirements of external stakeholders.

You will:

  • Manage security compliance programs and examinations while working to harmonize those controls across payments industry compliance efforts

  • Oversee audit and governance management: optimize year-round compliance efforts for Square, Cash App, and Square Capital systems and procedures 

  • Partner with cross-functional departments to manage efforts to help expand Square’s infrastructure in a manner that maintains compliance

  • Conduct ongoing efforts to increase security and decrease user friction while maintaining regulatory compliance

  • Support internal Square teams by sharing your experience and expertise consulting on contracts, security-related sales and marketing material, and engineering design documents

  • Manage policies and procedures, and technical specifications supporting compliance and audit efforts

  • Engage with industry leaders in data security and governance to inform the next generation of payment security rules and regulations

Qualifications

You have:

  • 5+ years of experience with security-related regulatory compliance for financial services

  • Experience with managing PCI DSS, ISO 27001, SSAE18, or other compliance standards and framework programs 

  • Familiarity with FFIEC and FDIC rules and regulations

  • Familiarity with FINRA and SEC rules and regulations

  • Relevant Certification (e.g. CISA, CISSP) or equivalent expertise

  • Experience in payments security

  • Experience with IT-related audits (PCI, SSAE18, ISO 27001) and balancing internal engineering processes, business needs, and external audit requirements.

*Note* This role is open to remote 

Additional Information

At Square, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)squareup.com. We will treat your request as confidentially as possible. In your email, please include your name and preferred method of contact, and we will respond as soon as possible.

Perks

At Square, we want you to be well and thrive. Our global benefits package includes:
  • Healthcare coverage
  • Retirement Plans
  • Employee Stock Purchase Program
  • Wellness perks
  • Paid parental leave
  • Flexible time off
  • Learning and Development resources
Privacy Policy