Principal Security Engineer, Security

Circle is an innovative financial technology company operating at the forefront of the emerging internet of money. We facilitate the seamless global exchange of value akin to digital data, transforming legacy settlement systems for enhanced speed, cost-efficiency, and global reach. Our groundbreaking infrastructure, such as USDC, a blockchain-based dollar, empowers businesses, institutions, and developers to capitalize on the unprecedented opportunities in payments, commerce, and markets, fostering economic prosperity and inclusion worldwide.

What You'll Contribute to:

Circle fosters a culture of transparency and stability while expanding into robust global markets. Our organization thrives on speed and efficiency, guided by core values: Multistakeholder mindset, Mindfulness, Pursuit of Excellence, and High Integrity. In a remote work landscape, collaborative success is propelled by a diverse and flexible work environment that values fresh ideas and active participation from all team members.

What Your Role Entails:

Circle is seeking a dedicated Principal Security Engineer adept in Product and Blockchain Security to spearhead technical strategies, innovative tools, research, and processes. You will collaborate within the Security Engineering team and closely partner with Engineering, Infrastructure, and IT teams to support cloud operations, software development, and endpoint devices.

Your Key Responsibilities:

• Collaborate with product management and software engineering teams throughout the SDLC to ensure secure application design and implementation
• Conduct vulnerability assessments on web3 and web2 applications and associated systems, utilizing tools and manual approaches; lead the remediation process for identified vulnerabilities
• Make recommendations for code enhancements to address security vulnerabilities
• Automate security tests within the CI/CD pipeline
• Develop secure coding standards and training materials based on observed findings in Circle's environment to empower engineers to write secure code
• Research blockchain-specific vulnerabilities and integrate this knowledge into Circle's security practices
• Act as an escalation point for investigating security alerts and incident identification
• Investigate vulnerability reports relevant to Circle products and systems
• Supervise vendor activities for penetration testing and other security projects
• Contribute to enhancing the application security program through continuous improvement
• Support various security team initiatives such as threat modeling, vulnerability scanning, and audits

What You'l Contribute:

• 7+ years of experience in cybersecurity roles
• 4+ years of experience as a security engineer leading cybersecurity projects and formulating solutions
• Strong enthusiasm for software security and analysis
• Proficiency in common attack techniques and penetration testing
• Experience designing software security features like access controls, logging, monitoring, and input validation
• Extensive experience automating security tests in CI/CD pipelines
• Familiarity with AWS and GCP environments
• Understanding of blockchain technologies such as Ethereum, Bitcoin, Solana
• Knowledge of public and private key cryptography
• Ability to work independently, think creatively, and collaborate across different teams
• Strong multitasking capabilities, sound judgment, and flexibility in setting priorities
• Previous experience in financial services or financial technology preferred
• Bachelor's degree in relevant field or equivalent experience
• Certifications like CISSP, CEH will be advantageous
• Proficiency in Solidity, Rust, Go, JSON, Python preferred
• Remote work experience is desirable

Additional Details:

• Immediate PERM sponsorship available for qualified candidates
• Compensation considerations consider multiple factors, including experience and qualifications
• Salary Range: $200,000 - $257,500
• Annual Bonus Target: 17.5%
• Benefits Offered: Equity, medical, dental, vision, 401(k), discretionary vacation policy, paid sick leave, and holidays

We embrace diversity and are an equal opportunity employer that does not discriminate based on various factors. Our participation in the E-Verify Program adheres to legal requirements in specific locations.