Senior Software Engineer, Identity and Access Management (IAM)
San Francisco, CA
We believe everyone should be able to participate and thrive in the economy. So we’re building tools that make commerce easier and more accessible to all. We started with a little white credit card reader but haven’t stopped there. Our new reader helps our sellers accept chip cards and NFC payments, and our Cash app lets people pay each other back instantly. We’re empowering the independent electrician to send invoices, setting up the favorite food truck with a delivery option, helping the ice cream shop pay its employees, and giving the burgeoning coffee chain capital for a second, third, and fourth location. Let’s shorten the distance between having an idea and making a living from it. We’re here to help sellers of all sizes start, run, and grow their business—and helping them grow their business is good business for everyone.
At Square, security is paramount. The Identity and Access Management (IAM) team is part of Information Security (InfoSec); we write software that mediates access to internal services. As a team, we value correctness, safety, and efficiency. We're looking for a Software Engineer who shares our values.
As a Software Engineer on IAM, you will be responsible for designing, building, and owning the services and infrastructure that control access to internal services at Square.
Our team engineers solutions that enable our business to scale. As such we are building our internal authentication and authorization systems based on a zero-trust network model (commonly referred to as BeyondCorp). This requires building systems that allow us to reliably authenticate users and devices around the world. The services you build will protect Square’s most valuable assets.
- Develop and maintain authentication and authorization services for Square.
- Build great user experiences for internal web applications.
- Work cross-functionally with many teams in multiple locations to ensure a secure production environment.
- Participate in an on-call rotation for IAM services.
- Experience developing web services and REST APIs
- Familiarity with secure coding practices, and knowledge of how to harden web services against common pitfalls.
- Interest in Information Security. Prior security experience not required, but a desire to learn is.
- Full-stack experience, especially knowledge of Linux/Unix security.
- Experience with Ruby on Rails.
- Familiarity with Beyond Corp concepts and/or implementations.
Technologies we use and teach:
- Ruby, Rails, RSpec