Senior Software Security Engineer - Product

Company:  Afterpay
Location: Seattle
Closing Date: 06/11/2024
Salary: £150 - £200 Per Annum
Hours: Full Time
Type: Permanent
Job Requirements / Description

Company Description

It all started with an idea at Block in 2013. Initially built to take the pain out of peer-to-peer payments, Cash App has gone from a simple product with a single purpose to a dynamic ecosystem, developing unique financial products, including Afterpay/Clearpay, to provide a better way to send, spend, invest, borrow and save to our 47 million monthly active customers. We want to redefine the world’s relationship with money to make it more relatable, instantly available, and universally accessible.

Today, Cash App has thousands of employees working globally across office and remote locations, with a culture geared toward innovation, collaboration and impact. We’ve been a distributed team since day one, and many of our roles can be done remotely from the countries where Cash App operates. No matter the location, we tailor our experience to ensure our employees are creative, productive, and happy.

Check out our locations, benefits, and more at cash.app/careers.

Job Description

About Cash Security

At Cash, security is everyone’s responsibility, especially among engineering disciplines. Cash Security is a multidisciplinary team, closely aligned to the needs of the business. The team is composed of multiple engineering and governance teams, each specializing and collaboratively solving the security, privacy and governance needs alongside their partner organizations.

About Product Security Engineering

The Product Security engineering team focuses on protecting Cash App’s customer data throughout the product engineering’s technology stacks. We are a hands-on, engineering-driven security team, which aligns security engineers toward product teams, across the entire Cash App organization. We continually raise the overall trust of Cash App’s products by building high leverage security abstractions into the technology stacks our partners utilize. We collaborate on building these security infrastructures, design patterns, and guidelines. We accomplish our goals by treating security engineering as a discipline, offering our expertise to technical and non-technical stakeholders. We secondarily abstract bespoke security solutions into reusable infrastructure, sharing our learnings, best practices, and solutions across the organization.

Our mission is to empower Cash engineers to protect our customers’ data in every aspect of the product and data life cycle; by providing reusable primitives and scalable platforms.

As a Product Security Engineer, you’ll work within the product engineering organization to:

  • Work with product teams to threat-model Cash App features and identify vulnerabilities.
  • Design, build, and own the security & privacy mechanisms and features which support product engineering teams and customer operations.
  • Drive the direction of the organization by productionizing common security patterns and working toward our security roadmap.
  • Design, apply, and develop security primitives to protect data.
  • Identify and remedy potential security risks to our customers' data.
  • Partner with product teams to implement relevant regulatory data privacy considerations.
  • Help the engineers around you level-up on their own security reasoning and knowledge.

Examples of our previous work include:

  • CashApp’s open source mobile client security SDK (GitHub)
  • General purpose multi-party authorization framework
  • Context aware audit logging functionality
  • Drive the adoption of policy as code
  • Cash’s Field Level Encryption (FLE) framework (Blog)

Qualifications

You have:

  • 8+ years of relevant experience
  • Experience demonstrating technical initiative and leadership through the end-to-end delivery of products in the security space
  • You enjoy solving problems at scale, through hands-on problem solving
  • Strong desire to perform and grow as a security engineer and educate other engineers
  • An interest in working on a product that impacts people/businesses directly
  • You have an aptitude for applied cryptography, security, and strong software engineering fundamentals

Tools we use and teach:

  • AWS KMS and Google’s Tink Cryptographic APIs
  • Android / iOS mobile development
  • Java 11 including JUnit, Hibernate, and Guice
  • Kotlin
  • HTTP, JSON, gRPC, and Protocol Buffers
  • MySQL, DynamoDB
  • Operating microservices, Kubernetes, Terraform

Additional Information

Block takes a market-based approach to pay, and pay may vary depending on your location. U.S. locations are categorized into one of four zones based on a cost of labor index for that geographic area. The successful candidate’s starting pay will be determined based on job-related skills, experience, qualifications, work location, and market conditions. These ranges may be modified in the future.

Zone A: USD $198,000 - USD $297,000
Zone B: USD $188,100 - USD $282,100
Zone C: USD $178,200 - USD $267,400
Zone D: USD $168,300 - USD $252,500

To find a location’s zone designation, please refer to this resource. If a location of interest is not listed, please speak with a recruiter for additional information.

Full-time employee benefits include the following:

  • Healthcare coverage (Medical, Vision and Dental insurance)
  • Health Savings Account and Flexible Spending Account
  • Retirement Plans including company match
  • Employee Stock Purchase Program
  • Wellness programs, including access to mental health, 1:1 financial planners, and a monthly wellness allowance
  • Paid parental and caregiving leave
  • Paid time off (including 12 paid holidays)
  • Paid sick leave (1 hour per 26 hours worked (max 80 hours per calendar year to the extent legally permissible) for non-exempt employees and covered by our Flexible Time Off policy for exempt employees)
  • Learning and Development resources
  • Paid Life insurance, AD&D, and disability benefits

These benefits are further detailed in Block's policies. This role is also eligible to participate in Block's equity plan subject to the terms of the applicable plans and policies, and may be eligible for a sign-on bonus. Sales roles may be eligible to participate in a commission plan subject to the terms of the applicable plans and policies. Pay and benefits are subject to change at any time, consistent with the terms of any applicable compensation or benefit plans.

US and Canada EEOC Statement

We’re working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. Block is a proud equal opportunity employer. We work hard to evaluate all employees and job applicants consistently, without regard to race, color, religion, gender, national origin, age, disability, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class.

We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible.

Additionally, we consider qualified applicants with criminal histories for employment on our team, and always assess candidates on an individualized basis.

#J-18808-Ljbffr
Apply Now
Share this job
Afterpay
  • Similar Jobs

  • Senior Software Security Engineer - Product

    Seattle
    View Job
  • Senior Software Security Engineer - Product

    Seattle
    View Job
  • Senior Software Engineer - Security

    Seattle
    View Job
  • Senior Software Security Engineer, Infrastructure

    Seattle
    View Job
  • Senior Software Engineer, Endpoint Security

    Seattle
    View Job
An error has occurred. This application may no longer respond until reloaded. Reload 🗙