Listing Description
We’re looking for an eager and diligent Security Analyst to conduct daily operational tasks within Information Security. This individual will work closely with Square’s Security Program Manager to execute Square’s vulnerability management program, vendor security management process, and external bug bounty. This individual will also provide periodic operational support for audit data gathering.
Qualifications:
You have:
Strong verbal and written communication skills
Strong office computing experience
Familiarity with bug tracking/ticketing systems
Even better:
1+ years experience as an analyst in Information Security, Risk, Fraud Prevention or equivalent training
Familiarity with JIRA and Atlassian productivity tools
Automation/scripting experience
Familiarity with vulnerability scanning and security testing tools
Strong interest to learn and grow within Information SecurityDaily inspection of Square’s internal vulnerability queue.
Notify responsible stakeholders of vulnerabilities that are out of SLA.
Notify responsible stakeholders of vulnerabilities that have been re-opened.
Provide some limited vulnerability verification help to teams.
Provide limited reporting and analysis support for status of vulnerabilities across company.
Daily inspection of Square’s external bug bounty queue.
File externally reported bug bounty issues as internal tickets and assign to appropriate teams.
Coordinate with Security Program Manager to issue appropriate rewards to security researchers.
Process vendor security review requests
Collaborate closely with Procurement, Legal, and Security Program Management to review products/companies for adherence to Square’s security policies and requirements
Periodic reviews of existing vendors for adherence to Square’s security policies and requirements
Periodic role and access review
Work with Identity and Access Management to verify access grants have been correctly provisioned/de-provisioned.
Compliance data gathering support
Support Data Security Governance in gathering technical evidence (logs, system screenshots, etc.) to support compliance efforts.
Listing Details
- Citizenship: No Requirements
- Incentives: Stock Options
- Education: High School Diploma
- Travel: No Travel
- Telework: Optional Telecommute