Computer Security and Incident Response Lead
- Full-time
Company Description
Job Description
The Square Security team works to ensure the security of every transaction from dip to receipt and beyond. We aim to provide a diverse and secure environment that allows Square to build outstanding products for both customers and employees. Our ultimate goal is to ensure that every experience with Square is simple, secure, and safe.
We are looking for an experienced leader to join our Computer Security and Incident Response (CSIRT) team inside the Detection and Response Engineering Team (DART). DART-CSIRT contributes to the mission through systems signals and sensor development, precise investigations and leading security incident responses for Square. We prioritize our work using an attack-driven defensive approach to prioritize our preventive controls, detective controls, and response program based on real-world attacker behaviors. We automate the detection of, and response to, attack techniques, look for threats in the cloud, data center, and corporate network environments and lead incident response. Additionally, we provide expertise and partner with our infrastructure security and product teams to create and enforce policies that aim to ensure hardened, easy paths for our developers. This position will report into our Detection and Response Team Lead.
As the DART-CSIRT Lead you will:
- Recruit, lead, and mentor a team of investigators, signature developers, threat hunters, incident responders, and automation engineers
- Dive in with members of your team to provide coaching and ensure their success, providing hands-on technical guidance and direction
- Work with product, platform, and data engineering teams to prioritize efforts to bring your team's work to life
- Identify new opportunities, develop prototypes, achieve support from partners, and communicate staffing needs
- Represent the Security team as the lead for all security incidents at Square
- Lead the effort to expand Square's cloud-based incident response process and cloud IR tooling capabilities
- Oversee the daily workings of the Signals Development, Alert Triage, Investigations, and Incident Handling workflows within DART-CSIRT
- Monitor and adapt signals from cloud services, workstations, data centers, and networks to detect malicious behaviors
- Improve and automate internal capabilities for identifying, investigating, and responding to security events
- Investigate suspicious activities and leverage tactical and technical capabilities to eradicate threats
Qualifications
You have:
- 2+ years of related management experience
- 6 years of industry experience
- Relevant experience leading a detection and response team
- Security experience with signature development and performing Incident Response in AWS and Kubernetes
Additional Information
Perks
At Square, we want you to be well and thrive. Our global benefits package includes:
- Healthcare coverage
- Retirement Plans
- Employee Stock Purchase Program
- Wellness perks
- Paid parental leave
- Flexible time off
- Learning and Development resources