Circle is a financial technology company at the epicenter of the emerging internet of money, where value can finally travel like other digital data — globally, nearly instantly and less expensively than legacy settlement systems. This ground-breaking new internet layer opens up previously unimaginable possibilities for payments, commerce and markets that can help raise global economic prosperity and enhance inclusion. Our infrastructure – including USDC, a blockchain-based dollar – helps businesses, institutions and developers harness these breakthroughs and capitalize on this major turning point in the evolution of money and technology.
What you’ll be part of:
Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values: Multistakeholder, Mindfulness, Driven by Excellence and High Integrity. Circlers are consistently evolving in a remote world where strength in numbers fuels team success. We have built a flexible and diverse work environment where new ideas are encouraged and everyone is a stakeholder.
What you’ll be responsible for:
Circle is looking for a passionate Lead Product Security Engineer to help drive and implement technical strategies, innovative tooling, research, and processes. You will have extensive knowledge of web 2.0 ecosystems, including the inner workings of cloud environments and api infrastructure. You’ll be part of the overall Security Engineering team and closely partner with the Engineering, Infrastructure, and IT teams responsible for supporting our cloud operations, software development, fleet of devices and endpoints.
The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. The security team leads the company’s programs for information security and cybersecurity, business continuity, and vendor risk management.
As a member of this team, you’ll lead projects and be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.
What you'll work on:
Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely
Test web applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution
Recommend code changes to eliminate vulnerabilities
Automate security tests within the CI/CD pipeline
Help develop secure coding standards and training materials based on findings seen in Circle’s environment to empower engineers to write more secure code
Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle’s security practices
Serve as an escalation point to investigate security alerts and identify incidents
Investigate vulnerability reports related to Circle products and systems
Manage vendors to conduct penetration tests and other security-related projects
Influence the continuous improvement of the application security program
Support other security team projects such as threat modeling, vulnerability scanning, and audits.
You will aspire to our four core values:
Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
Mindful - you seek to be respectful, an active listener and to pay attention to detail.
Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.
High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.
What you’ll bring to Circle:
5+ years of experience as a security engineer that has been leading projects and developing resolutions in cybersecurity
Enthusiasm for securing and breaking software
Experience with common attack techniques and conducting penetration tests
Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.
Experience automating security tests in CI/CD pipelines
Experience working with SAST and DAST testing processes and tools
Experience with building Detections.
Experience with Cloud Security tools are preferred.
Experience working on applications deployed within AWS and GCP.
Experience/familiarity with Slack, Apple MacOS and GSuite
Working knowledge of public and private key cryptography
Familiarity with techniques for making software robust against common attacks
Self-motivated and creative problem-solver able to work independently with minimal guidance
Strong ability to work collaboratively across teams
Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly
Experience working in financial services or financial technology desired
Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted
Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required
Experience with at least several of the following is highly desirable: Java, Angular JS, REST APIs, JSON, Go, and Python
Prior experience with threat and vulnerability management is preferred
An appetite for work travel when needed
Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.
Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations.
We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Additionally, Circle participates in the E-Verify Program in certain locations, as required by law.
Should you require accommodations or assistance in our interview process because of a disability, please reach out to accommodations@circle.com for support. We respect your privacy and will connect with you separately from our interview process to accommodate your needs.
#LI-Remote