Flag: Tornado! Hurricane!

 Forums >>  Job Openings  >>  Career: Software Security Engineer - Square - San Francisco, CA

Topic created on: April 26, 2012 15:19 CDT by pedram .

Square is looking to hire a Security Engineer to assist with security,
audit, and compliance efforts within the organization. This person
will be called upon to help design and secure all areas of the
organization and product, including client and server applications,
system and network infrastructure, and policies and procedures. The
ideal candidate will be a security generalist, with as much interest
and experience building things as breaking them.

Responsibilities
* Design and build tools to implement security controls and monitor them
* Perform ongoing security testing and code reviews
* Act as internal security subject matter expert and evangelist
* Perform day-to-day audit and monitoring tasks as required

Required
* Strong understanding of web, application, and network security
* Programming experience in two or more of the following languages:
Ruby, Java, Javascript, and C/Objective-C
* Operational experience deploying and monitoring secure systems
* Familiarity with security standards, including PCI-DSS, PA-DSS,
OWASP Top 10 and others
* Previous experience in a start-up environment a plus

To apply, contact mikeh [at] squareup [dot] com and please submit
along with your resume a critique of the following code:


#!/usr/bin/env ruby
#
# This program encrypts and decrypts messages at the command line.
# It runs setuid root, so that it can be used by users without giving
# them access to the (root-owned) secret encryption key.

require 'openssl'

SECRET_KEY='/etc/secrypt.key'
OUTPUT_FILE='/tmp/secrypt.out'

cipher = OpenSSL::Cipher::Cipher.new('aes-256-ecb')

case ARGV.shift
when 'encrypt'
cipher.encrypt
when 'decrypt'
cipher.decrypt
else
puts 'Usage:'
puts '$0 [encrypt|decrypt] '
exit 1
end

cipher.key=(File.read(SECRET_KEY))

input = File.open(ARGV.shift)
output = File.open(OUTPUT_FILE, 'w')

input.each_line do |l|
output.write(cipher << l)
end

No posts found under this topic.

There are 31,055 total registered users.


Recently Created Topics
Ultimate Hacking Cha...
Jun/21
CreateMutex
May/31
let 'IDAPython' impo...
Sep/24
set 'IDAPython' as t...
Sep/24
GuessType return une...
Sep/20
About retrieving the...
Sep/07
How to find specific...
Aug/15
How to get data depe...
Jul/07
Identify RVA data in...
May/06
Immunity Debugger Re...
Aug/03


Recent Forum Posts
How to find specific...
hackgreti
Problem with ollydbg
sh3dow
How can I write olly...
sh3dow
New LoadMAP plugin v...
mefisto...
Intel pin in loaded ...
djnemo
OOP_RE tool available?
Bl4ckm4n
OOP_RE tool available?
van7hu
Should binaries be n...
Kolisar
Problem with ollydbg
nullx42
!findtrampoline Immu...
skycrack


Recent Blog Entries
crystalwade
Jul/20
test

nieo
Mar/22
Android Application Reversing

halsten
Mar/14
Breaking IonCUBE VM

oleavr
Oct/24
Anatomy of a code tracer

hasherezade
Sep/24
IAT Patcher - new tool for ...

More ...


Recent Blog Comments
nieo on:
Mar/22
IAT Patcher - new tool for ...

djnemo on:
Nov/17
Kernel debugger vs user mod...

acel on:
Nov/14
Kernel debugger vs user mod...

pedram on:
Dec/21
frida.github.io: scriptable...

capadleman on:
Jun/19
Using NtCreateThreadEx for ...

More ...


Imagery
SoySauce Blueprint
Jun 6, 2008

[+] expand

View Gallery (11) / Submit