Technical Program Manager, Product Security Compliance

  • Full-time

Company Description

Square builds common business tools in unconventional ways so more people can start, run, and grow their businesses. When Square started, it was difficult and expensive (or just plain impossible) for some businesses to take credit cards. Square made credit card payments possible for all by turning a mobile phone into a credit card reader. Since then Square has been building an entire business toolkit of both hardware and software products including Square Capital, Square Terminal, Square Payroll, and more. We’re working to find new and better ways to help businesses succeed on their own terms—and we’re looking for people like you to help shape tomorrow at Square.

Job Description

The Innovation Security Governance team focuses on product security assurance and approval work for Square payment solutions. We collaborate with Engineering, Industry Relations, and Product teams to ensure that Square products can launch anywhere in the world. We are looking for a dynamic Technical Program Manager to support our Senior Technical Program Managers as we continue to expand our Hardware and Mobile Security Compliance programs. 

You will advance our team’s mission as you develop a deep understanding of our products and work with cross-functional teams to create secure hardware from scratch! 

You will:

  • Manage cross-functional product security evaluation projects, including planning, prioritization, execution, dependency management, risk analysis and mitigation, and relationship management

  • Become highly knowledgeable of the following standards, PCI DSS, PCI SPoC, PCI PTS, PCI PIN, Common Criteria and EMVCo Software-based Mobile Payment Security

  • Develop and improve Compliance Program documentation policies and procedures

  • Identify and solve problems that span multiple teams or areas of ownership

  • Partner with cross-functional teams to find creative ways to improve our Compliance Programs while reducing the compliance burden on Engineering teams

  • Support Square teams by sharing your experience and expertise, consulting on contracts, security-related sales and marketing material, and engineering design documents

Qualifications

You have:

  • 4+ years of experience with security-related regulatory compliance for financial services or equivalent

  • Relevant certifications (e.g. CISA, CISSP) or equivalent expertise

  • Experience with product security (embedded device and/or mobile applications) related audits or security program management (PCI, EMVCo)

  • Experience with balancing internal engineering processes, business needs, and external audit requirements

  • Familiarity with both mobile and embedded device security concepts such as Secure SDLC, White-box Crypto, Root Detection, Tamper Detection

Additional Information

At Square, we value diversity and always treat all employees and job applicants based on merit, qualifications, competence, and talent. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. We will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of the San Francisco Fair Chance Ordinance. Applicants in need of special assistance or accommodation during the interview process or in accessing our website may contact us by sending an email to assistance(at)squareup.com. We will treat your request as confidentially as possible. In your email, please include your name and preferred method of contact, and we will respond as soon as possible.

Perks

At Square, we want you to be well and thrive. Our global benefits package includes:
  • Healthcare coverage
  • Retirement Plans
  • Employee Stock Purchase Program
  • Wellness perks
  • Paid parental leave
  • Paid time off
  • Learning and Development resources
Privacy Policy