Lead Security Engineer, Detection and Response
Team-specific focus: Circle is a forward-thinking fintech company situated in the heart of the burgeoning digital currency sphere, where transactions can seamlessly traverse borders like any other form of online data—across the globe, almost instantly, and more cost-effectively than traditional payment systems. This innovative internet layer heralds unimagined opportunities for payment facilitation, commerce, and market advancement, fostering global economic growth and inclusivity. Our framework, anchored by USDC, a digital dollar on the blockchain, empowers businesses, institutions, and developers to seize upon these advances and leverage this pivotal juncture in the convergence of finance and technology.
Environment: At Circle, we are dedicated to transparency and consistency in all endeavors. As we expand globally into resilient jurisdictions, our operations center on rapidity and efficacy, driven by our core principles: Multistakeholder, Mindfulness, Driven by Excellence, and High Integrity. Operating in a remote landscape, our diverse and adaptable workspace fosters collaboration and a culture where fresh concepts are welcomed, and every individual has a vested interest.
Responsibilities: The Circle Security Team is entrusted with safeguarding the organization, our clientele, and the financial domains vital to our operations. This team spearheads initiatives in information security, cybersecurity, business continuity, and vendor risk management. As a team member, you will lead the technical response to diverse incidents. Serving as a technical advisor, you will bring expertise that is critical in determining the root cause of incidents concerning our cloud infrastructure (predominantly AWS) and coding framework. We seek a candidate proficient in log analysis, adept at collaborating with technical peers and discerning patterns, and possessing a flair for innovative problem resolution.
Your remit will also encompass developing detections; an ideal candidate can support the maintenance of our team’s technological stack and the log pipelines feeding into our SIEM, TIP, and other security infrastructure. A dynamic environment demands constant learning to keep your skill set current.
Note that given the compact, global nature of our team, your role entails on-call responsibilities during operational hours, facilitating security operations support and interceding during night-time and weekend emergencies.
Specific projects:
- Swift incident response and collaboration to investigate and resolve issues.
- Proficiently manage extensive, multi-stakeholder incidents as required.
- Employ detection-as-code mechanisms to identify irregular behaviors and incursions across our systems.
- Prioritize advancements in security incident response, event management, as well as security orchestration and automation.
- Cultivate relationships with corresponding teams like TechOps, engineering, and product development.
- Contribute to designing and executing response playbooks and plans.
- Engage in a global on-call rotation to address security alerts and incident escalations.
Essential attributes:
- Over five years of incident response experience in a cloud environment (particularly AWS, though not mandatory). Experience in roles such as security engineer, site reliability engineer, cloudops engineer, or systems engineer with substantial exposure to cybersecurity is valued.
- Demonstrated technical acumen and leadership in Incident Response and Threat Detection, serving as an Incident Commander.
- Strong communication skills to liaise effectively across hierarchies.
- Innovative problem solver.
- Collaborative aptitude in high-pressure teamwork settings.
- Experience in overseeing SIEM and SOAR solutions.
- Proficiency in SQL; familiarity with Python or analogous programming languages preferred.
- Acquaintance with international standards like ISO 27001/27002 or the NIST Cybersecurity Framework is advantageous.
- Desirable background in financial services or fintech.
- Proficiency in Google Suite, Slack, and Apple macOS preferred.
- Competence in aggregating data from diverse sources like S3 buckets, syslog, network devices, endpoints, and APIs is beneficial.
- Proximity to Eastern or Central Time Zones is preferable but not restrictive.
- Seasoned engineers seeking career progression are encouraged to apply.
Additional details: This role offers immediate PERM sponsorship for eligible candidates.
At Circle, we strive to shape an inclusive financial landscape driven by transparency. We weigh numerous elements when crafting compensation packages, including relevant experience, skill sets, qualifications, and organizational needs, among others.
Starting pay may vary notably depending on various factors; competitive compensation frameworks apply for distinct locations.
Pay Range: $172,500 - $227,500 per annum
Annual Bonus: 15%
Includes: Equity & Benefits (medical, dental, vision, 401(k)), discretionary vacation policy, 10 days of yearly paid sick leave, and 11 paid holidays per annum (U.S.).
We are a proponent of diversity and an equal opportunity employer, opposed to discrimination on the basis of race, religion, nationality, gender, age, marital or veteran status, or disability. Notably, Circle complies with the E-Verify Program where pertinent by legal mandate.
