Senior Security Engineer, Detection and Response

Circle is a financial technology company at the epicenter of the emerging internet of money, where value can finally travel like other digital data - globally, nearly instantly and less expensively than legacy settlement systems. This ground-breaking new internet layer opens up previously unimaginable possibilities for payments, commerce and markets that can help raise global economic prosperity and enhance inclusion.

What you'll be part of:

Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values: Multistakeholder, Mindfulness, Driven by Excellence and High Integrity. Circlers are consistently evolving in a remote world where strength in numbers fuels team success. We have built a flexible and diverse work environment where new ideas are encouraged and everyone is a stakeholder.

What you'll be responsible for:

In 2020, Circle unveiled Circle APIs: a set of solutions and smarter technology to help businesses accept payments in a more global, scalable and efficient alternative to traditional banking rails (spoiler: we're using USD Coin under the hood). The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely.

The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. The security team leads the company's programs for information security, insider risk and cybersecurity. As a member of this team, you'll lead projects and be responsible for the upkeep of the team's technology stack as well as creation of log pipelines that feed our SIEM, SOAR, TIP and other security tools and be responsible for key deliverables of the security program.

You'll also be one of the team's responders and event handlers and act as a technical consultant to help find the root cause of incidents involving our cloud infrastructure and codebase.

We expect you to have experience working in a cloud-based environment, preferably AWS, and have some familiarity with lambdas. You also must demonstrate proficiency with SQL and Python, which are core to our detection infrastructure running on Panther/Snowflake.

Also note that this position will require you to perform on-call duties during working hours to support security operations and assist the team with the occasional night time and weekend incident.

What you'll work on:

• Execution on the technical roadmap for Security Operations.
• Build custom tools for the team as needed.
• Work with system owners to proactively generate and collect the desired logs and other telemetry.
• Research and recommend new tools in support of business requirements.
• Respond to incidents and collaborate across teams to investigate and resolve.
• Develop detection techniques to identify anomalous behaviors and attacks across the environment.
• Configure and maintain security monitoring tools such as EDR or intrusion detection solutions.
• Mentor and provide security guidance to various organizations throughout the company.
• Support other security team projects such as threat modeling, vulnerability scanning, and audits.
• Take on-call shifts to respond to critical alerts after-hours.

You will aspire to our four core values:

• Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
• Mindful - you seek to be respectful, an active listener and to pay attention to detail.
• Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.
• High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.

What you'll bring to Circle:

• 4+ years of experience as a security engineer, site reliability engineer, devops/cloudops engineer or systems engineer with a minimum of two years (can be overlapping) a focus on cybersecurity or incident handling.
• Enthusiasm for scalable, reproducible security management.
• Self-motivated and creative problem-solver able to work independently with minimal guidance.
• Strong ability to work collaboratively across teams during high-stress situations.
• Ability to manage multiple competing priorities and use good judgement to establish order of priorities on the fly.
• Deep knowledge of incident response, and incident management.
• Experience with SIEM and SOAR solutions.
• Experience working in financial services or financial technology desired.
• Bachelor's degree in computer science, computer engineering, cybersecurity or related field; equivalent experience also accepted.
• Experience working in an AWS environment with Terraform is strongly desired.
• Demonstrated experience with SQL and Python (or other similar language) is required.
• Experience in a MacOS environment is preferred.