Summary

What you'll work on:

1. Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely
2. Test web applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution
3. Recommend code changes to eliminate vulnerabilities
4. Automate security tests within the CI/CD pipeline
5. Help develop secure coding standards and training materials based on findings seen in Circle’s environment to empower engineers to write more secure code
6. Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle’s security practices
7. Serve as an escalation point to investigate security alerts and identify incidents
8. Investigate vulnerability reports related to Circle products and systems
9. Manage vendors to conduct penetration tests and other security-related projects
10. Influence the continuous improvement of the application security program
11. Support other security team projects such as threat modeling, vulnerability scanning, and audits.

You will aspire to our four core values:

1. Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
2. Mindful - you seek to be respectful, an active listener and to pay attention to detail.  
3. Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals. 
4. High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.

What you’ll bring to Circle:

1. 7+ years of total experience 
2. 3+ years of experience as a security engineer that has been leading projects and developing resolutions in cybersecurity
3. Enthusiasm for securing and breaking software 
4. Experience with common attack techniques and purple team activities
5. Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.
6. Experience automating security tests in CI/CD pipelines
7. Experience working with SAST and DAST testing processes and tools
8. Experience with building Detections.
9. Experience with Cloud Security tools are preferred.
10. Experience working on applications deployed within AWS and GCP are preferred.
11. Experience/familiarity with Slack, Apple MacOS, GSuite, Atlassian
12. Working knowledge cryptography
13. Familiarity with techniques for making software robust against common attacks
14. Self-motivated and creative problem-solver able to work independently with minimal guidance
15. Strong ability to work collaboratively across teams
16. Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly
17. Experience working in financial services or financial technology preferred.
18. Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted 
19. Certifications such as CCSP and CEH preferred.
20. Experience with the following is preferred: Terraform, Rust, Solidity, Move, Go, REST APIs, JSON, JS, and Python.. 
21. Prior experience with containers and kubernetes is preferred
22. An appetite for work travel when needed

Skills

• Attention to Detail
• Communications Skills
• Cryptography
• Development
• Problem Solving
• Python
• Rust
• Software Engineering
• Team Collaboration