Information Security Analyst

  • San Francisco, CA
  • Full-time

Company Description

Square builds common business tools in unconventional ways so more people can start, run, and grow their businesses. When Square started, it was difficult and expensive (or just plain impossible) for some businesses to take credit cards. Square made credit card payments possible for all by turning a mobile phone into a credit card reader. Since then Square has been building an entire business toolkit of both hardware and software products including Square Capital, Square Terminal, Square Payroll, and more. We’re working to find new and better ways to help businesses succeed on their own terms—and we’re looking for people like you to help shape tomorrow at Square.

Job Description

The Security organization at Square reduces security risk for all aspects of doing business at Square. This includes: partnering with engineering teams to help them understand the security risks of their design and implementation choices; creating platform technologies that provide security functions; and securing the systems and networks that make up our operations and corporate environment.

We are looking for an Information Security Analyst for the Vulnerability Management Program team. You will report to the Vulnerability Management Lead and help surface and alert potential vulnerabilities discovered on Square's assets and infrastructures to allow the company to take principled risks.

You will:

  • Support vulnerability management program through triage, facilitating prioritization with security expertise and track vulnerability to resolution
  • Monitor and analyze vendor advisories, vulnerability reports, bug trackers, and other sources for information to report potential vulnerabilities to triage
  • Program manage ongoing bug bounty programs with third party vendors and internal stakeholders to prioritize bug findings and remediations
  • Partner across the Security teams to identify areas of risk and work with business teams to make informed risk-based decisions
  • Help produce meaningful reports for customer and leaderships on organizational vulnerability health
  • Generate and collect vulnerability data to support compliance audits and regulatory requirements
  • Periodically assess and participate in tool improvement, process improvement and documentations to enhance the vulnerability management program lifecycle

 

Qualifications

You have:

  • Degree from an accredited college or university or 2+ years of experience in Information Security, Information Technology or related work experience
  • Motivated and results driven
  • Fundamental knowledge of security principles
  • Ability to work in a collaborative environment
  • Excellent communication and interpersonal skills
  • Strong problem solving and troubleshooting skills
  • Effective organizational skills and ability to manage priorities in a fast paced environment

Nice to have:

  • Knowledge of programing language for automation and scripting
  • Project or program management experience managing technical programs
  • Experience with Vulnerability Management Lifecycle

Additional Information

At Square, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)squareup.com. We will treat your request as confidentially as possible. In your email, please include your name and preferred method of contact, and we will respond as soon as possible.

Perks

At Square, we want you to be well and thrive. Our global benefits package includes:
  • Healthcare coverage
  • Retirement Plans
  • Employee Stock Purchase Program
  • Wellness perks
  • Paid parental leave
  • Paid time off
  • Learning and Development resources