Block builds simple, powerful tools that make progress towards an economy that’s truly open to all.
Principal Security Engineer
Location
California
Posted
2 days ago
Salary
$319K - $478.6K / year
Seniority
Lead
Job Description
Principal Security Engineer
Block
Role Description As a Principal Security Engineer focused on Software Security Engineering at Block, you will be a technical leader reporting to the CISO responsible for setting the bar for security excellence and driving the creation of innovative, world-class software solutions to complex security problems. You will work across Engineering and Information Security (InfoSec) to champion a "Secure by Design" culture, directly influencing the architecture of Block's core products and infrastructure. Your mandate is to provide deep technical expertise and strategic direction to ensure that security is enabling fast, secure innovation across the business. - Software Security Innovation: Deliver world-class and innovative software solutions to security problems, tackling Block's top risks such as technology fragmentation and security after-the-fact. - Technical Strategy & Architecture: Define the multi-year technical strategy for software security at Block, guiding architectural decisions and ensuring alignment with engineering best practices. - Cross-Cutting Solution Leadership: Identify and lead the development and implementation of common, high-leverage security solutions and infrastructure across Block's business units (Square, Cash App, TBD, etc.) to combat data sprawl and overpermissioning. - Drive engineering excellence: Specifically around security, for critical systems like tokenization platforms, ensuring integrity, performance, and scalability. - Spearhead the security strategy: And engineering excellence for mobile software and platforms across Block's product ecosystem. - Champion security reliability engineering: (SecRelEng) practices to improve the overall resilience and availability of security services and infrastructure. - Execution Excellence: Lead technical planning and implementation for high-priority security initiatives, acting as a technical decision maker/tie-breaker and upholding high technical standards. - Consultation & Guidance: Partner with engineering leaders to integrate security practices early into the development lifecycle (Secure SDLC) and provide security architecture review and threat modeling for critical systems. - Mentorship & Enablement: Foster technical excellence within InfoSec and mentor engineers on technical execution, system design, and technology choices, driving knowledge sharing and documentation. Qualifications - Track record of exemplary technical leadership and decision-making at a Principal or equivalent level (L8+ technical capabilities preferred). - 10+ years of experience developing and shipping production software and critical services, with a minimum of 5 years focused on establishing and scaling security practices in a large, modern technology environment. - Mastery of system design and architecture, with demonstrable experience solving ambiguous, domain-heavy problems by structuring the approach, clarifying scope, and driving clarity among stakeholders. - Deep technical understanding of security vulnerabilities, risks, countermeasures, and compensating controls, particularly in high-volume, real-time transaction processing environments. - Exceptional collaboration and communication skills, with proven ability to influence executive leadership and direct engineering teams in prioritizing security roadmap items to balance security and business risks. - Demonstrable ability to write production-quality code/script for security automation and tooling. Requirements - Experience leading and driving significant technical initiatives across multiple team, organizational and product boundaries. - Experience in the financial technology, payments, or cryptocurrency/bitcoin domain, reflecting Block's unique security characteristics. - Experience improving engineering standards and practices for security, and building systems to achieve sub-linear growth of security resources relative to the business (Design for Leverage, Not Coverage). Benefits - Remote work - Medical insurance - Flexible time off - Retirement savings plans - Modern family planning
Related Guides
Related Categories
Related Job Pages
More Security Engineer Jobs
Physical Security – Traveling Associate Project Manager
BearComBearCom is North America’s largest provider & system integrator of wireless voice, video, & data solutions.
• Coordinate project management activities, resources, equipment, and information • Segment projects into achievable actions and set timeframes for completion • Liaise with clients to identify and define requirements, scope, and objectives • Assign tasks to internal teams and assist with schedule management • Make sure that clients needs are met as projects evolve • Analyze risks and opportunities • Monitor project progress and manage issues that arise • Communicate project status to all stakeholders • Work with the team to eliminate blockers • Use tools to monitor working hours, plans and expenditures • Create and maintain comprehensive project documentation, plans and reports • Ensure standards and requirements are met through monitoring quality assurance and control activities • Create schedules and collect documents to orient and guide projects and outcomes • Communicate with stakeholders about scheduling, staffing, and technical requirements • Help with other projects/duties as needed
• Technical owner for the information security operations platform, responsible for the architecture, strategy, and sustaining controls for detection, incident response, vulnerability management, identity management, and perimeter governance. • Primary technical reference for the area, contributing to process maturity and the technical development of the team. • Architect, deploy, and direct the maintenance of an open-source-based SIEM platform, including data collection, normalization, event correlation, processing pipelines, and retention policies. • Develop and maintain detection use cases aligned with the MITRE ATT&CK framework, with continuous tuning to reduce false positives and increase detection effectiveness. • Strategically lead the corporate Vulnerability Management program, including risk-based prioritization, coordination of remediation with technology teams, and monitoring executive-level indicators. • Define and govern Identity and Access Management (IAM) processes: identity lifecycle, segregation of duties, RBAC, MFA, and periodic access reviews. • Govern policies and rules for Next-Generation Firewalls (NGFW): network segmentation, periodic rule reviews, and hardening. • Provide technical leadership for response to critical security incidents, supporting containment, forensic analysis, and coordination of remediation activities. • Implement and monitor hardening of environments based on recognized industry benchmarks (CIS Benchmarks). • Develop automations and integrations using tools and scripting languages to optimize team operations. • Prepare and maintain high-complexity technical documentation, standard operating procedures, security policies, and reference architectures. • Act as a mentor to team analysts, promoting knowledge transfer, technical culture, and operational continuity.
• Protect the organization's digital assets • Deploy and manage security technologies like EDR and SIEM • Lead vulnerability and threat programs • Conduct threat hunting • Administer the SIEM platform • Respond to security incidents • Manage email security and DLP solutions
Cyber Security Governance Specialist
SpektrumThe NATO Communications and Information Agency (NCIA) is responsible for providing secure and effective communications and information technology (IT) services to NATO's member countries and its partners. Established in 2012 and headquartered in Brussels, Belgium, the NCIA plays a critical role in ensuring the security and effectiveness of NATO's communication and information technology capabilities. Cyber Security: Provides advanced cybersecurity solutions. Command and Control Systems: Develops and maintains systems for military operations. Satellite Communications: Enables secure communications between NATO forces. Electronic Warfare: Supports NATO’s mission against threats to communication networks. Information Management: Manages NATO's IT infrastructure.
Role Description Assistance and Advisory Service (AAS) is seeking personnel to provide governance and coordination support for enterprise cybersecurity governance activities, specifically supporting the Cyber Lessons Learned (LL) and NATO Enterprise Cybersecurity Scorecard (Scorecard) processes. - Support the implementation and operationalization of the Cyber Lessons Learned process across relevant cybersecurity stakeholders. - Engage stakeholders involved in the relevant cybersecurity processes. - Coordinate the capture and structuring of lessons learned information. - Support documentation of changes made to procedures or documentation resulting from lessons learned. - Support the organization and documentation of Lessons Learned coordination meetings and workshops. - Support the maintenance of templates, repositories, or portals used to capture lessons learned information. - Support coordination of the Assessment Team (including contractors) performing Scorecard activities. - Review contractor outputs and provide quality assurance observations to CDT. - Maintain oversight documentation such as tracking dashboards, issue logs, and status summaries. Qualifications - Expertise in Cyber Security: Extensive experience in cyber security with a focus on analytical assessment, scorecard development, and performance metrics. - Methodology Development Skills: Proficiency in developing, refining, and updating methodologies for assessing cybersecurity maturity and performance. - Experience with Lessons Learned or Knowledge Management Processes: Experience supporting Lessons Learned, knowledge management, or continuous improvement processes. - Communication Skills: Strong written and verbal communication skills for engaging with various stakeholders. - Autonomous Working Capability: Capable of performing effectively and efficiently with minimal supervision. Requirements - Valid National or NATO Secret personal security clearance. - Remote working location (in a NATO country). - Some travel to other NATO sites may be required. Benefits - Opportunity to work with NATO and contribute to critical cybersecurity initiatives. - Flexible working arrangements.



