Job Description

The Security organization reduces security risk for all aspects of doing business at Block. This includes: partnering with Product and Security Engineering teams to help them understand the security risks of our designs and implementation choices; creating platform technologies that deliver essential security functions; and securing the systems, infrastructure, and networks that make up our operations and corporate environment.

As a Information Security Technical Analyst on the Vulnerability Management Program you will support ongoing triage and case management of newly discovered and reported vulnerabilities. This analyst will engage with all parts of the Information Security organization including Security Partners, Security Engineers and other experts from the cross-functional teams, and Product Business representatives to ensure our teams are informed of the potential risks and impacts of the vulnerabilities and make informed decisions on vulnerability remediations. 

YOU WILL:

• Support our vulnerability management program through technical triage, facilitate prioritization with security expertise and track vulnerability to resolution
• Monitor and analyze vendor advisories, vulnerability reports, bug trackers, and other sources for information to report potential vulnerabilities to triage
• Monitor threat intelligence data to assess and flag potential risks that may have impact to our organization
• Support ongoing bug bounty programs with third-party vendors and internal stakeholders to prioritize bug findings and remediations
• Partner across the Security teams to identify areas of risk and work closely with business teams to make informed risk-based decisions
• Help produce meaningful metrics and reports for customer and leaderships on organizational vulnerability health
• Manage ongoing penetration test engagements organized across Information Security teams
• Produce and collect vulnerability data to support compliance audits and regulatory requirements
• Participate and manage other vulnerability management initiatives and projects
• Periodically assess and contribute to tool improvement, process improvement and documentations to enhance the vulnerability management program lifecycle
• You will be an important contributor to operations reviews, special projects, and process improvement activities.

Qualifications

• Technical Degree from an accredited college or university and 2 years of experience in Information Security, Information Technology or related work experience
• Fundamental knowledge of security principles; ability to demonstrate an understanding of information security, such as threats and vulnerabilities.
• Experience exercising a technical mindset and mature judgment for problem-solving
• Ability to manage priorities in a fast paced and in a collaborative environment

NICE TO HAVE:

• Technical knowledge of the techniques and procedures of software/hardware and network vuln management. 
• General understanding of installation, configuration and troubleshooting processes for software, hardware, networking and cloud computing.  
• Understand installation, configuration and troubleshooting processes for software, hardware, networking and accessory equipment.
• Hold SW product development related certifications such as Security+, CySA+, Certified Information Systems Security Professional (CISSP), or related CompTIE, GIAC, or EC-Council certifications. 
• Knowledge of programing language(s) for automation, scripting, and test 
• Project or program management experience managing technical initiatives

Additional Information

We’re working to build a more inclusive economy where our customers have equal access to opportunity, and we strive to live by these same values in building our workplace. Block is a proud equal opportunity employer. We work hard to evaluate all employees and job applicants consistently, without regard to race, color, religion, gender, national origin, age, disability, pregnancy, gender expression or identity, sexual orientation, citizenship, or any other legally protected class. 

We believe in being fair, and are committed to an inclusive interview experience, including providing reasonable accommodations to disabled applicants throughout the recruitment process. We encourage applicants to share any needed accommodations with their recruiter, who will treat these requests as confidentially as possible. _WANT TO LEARN MORE ABOUT WHAT WE’RE DOING TO BUILD A WORKPLACE THAT IS FAIR AND SQUARE? CHECK OUT OUR I+D PAGE. _

Additionally, we consider qualified applicants with criminal histories for employment on our team, and always assess candidates on an individualized basis.

PERKS

We want you to be well and thrive. Our global benefits package includes:

• Healthcare coverage
• Retirement Plans
• Employee Stock Purchase Program
• Wellness perks
• Paid parental leave
• Paid time off
• Learning and Development resources

Block, Inc. (NYSE: SQ) is a global technology company with a focus on financial services. Made up of Square, Cash App, Spiral, TIDAL, and TBD54566975, we build tools to help more people access the economy. Square helps sellers run and grow their businesses with its integrated ecosystem of commerce solutions, business software, and banking services. With Cash App, anyone can easily send, spend, or invest their money in stocks or Bitcoin. Spiral (formerly Square Crypto) builds and funds free, open-source Bitcoin projects. Artists use TIDAL to help them succeed as entrepreneurs and connect more deeply with fans. TBD54566975 is building an open developer platform to make it easier to access Bitcoin and other blockchain technologies without having to go through an institution.