Senior Manager, Threat and Vulnerability Management
Circle is a dynamic financial technology company deeply involved in the growing internet of money, enabling the swift, cost-effective transfer of value on a global scale. This transformational digital network introduces unprecedented opportunities for payments, commerce, and markets that can enhance global economic well-being and inclusion. Our innovative infrastructure, highlighted by USDC, a blockchain-based dollar, empowers businesses, institutions, and developers to leverage these advancements in the evolution of money and technology.
What You'll Operate Within:
As Circle expands into robust global markets, transparency and stability are central to all our endeavors. Built on core values such as Multistakeholder, Mindfulness, Driven by Excellence, and High Integrity, our organization thrives on speed, efficiency, and collaboration even in today's remote work environment. We foster a diverse, adaptable workplace where fresh perspectives are valued, and every member contributes to our shared success.
Key Responsibilities:
Circle seeks a dedicated Security Leader proficient in Threat and Vulnerability Management, with substantial expertise in Cloud-based Infrastructure and Mac device fleets. Joining the Security Engineering team, you will collaborate closely with the Engineering, Infrastructure, and IT teams overseeing our cloud operations, software development, and device and endpoint management.
Key Focus Areas:
- Develop and enhance Circle's Threat and Vulnerability Management strategy, fostering its implementation and operational integration
- Collaborate actively with Engineering, Infrastructure, and IT teams to ensure secure software development, detect and prioritize vulnerabilities, offer remediation advice, and uphold service level agreements
- Integrate into the existing Threat and Vulnerability Management program, conducting comprehensive risk assessments
- Propose and validate Security enhancements and controls across our infrastructure and enterprise framework
- Cultivate relationships with essential stakeholders, including cross-functional leadership and internal auditing
- Generate data-driven reports on technology risk for senior management
- Spearhead ongoing technology stack improvements
Key Qualifications:
JOIN US:
- Possess an inventive approach to solution collaboration with engineering teams
- Demonstrated proficiency with Cloud vulnerability scanning tools such as Wiz, Prisma Cloud, Qualys, or Amazon Inspector
- Hands-on expertise in coding and technical delivery of vulnerability scanning solutions using technologies like Terraform, Github, Jira, Python, and more, within a mid to large Enterprise context
- Proven experience in enterprise program management and high-quality reporting, setting OKRs and establishing KRIs
- Proficiency in Cloud Infrastructure specifically AWS, and an added advantage with GCP and/or Azure
- In-depth understanding of containerization, orchestration, and Cloud-scale solutions
- Solid experience in CICD within the SDLC process
- Well-versed in Slack, Apple MacOS, and GSuite platforms
- Familiarity with CVSS, EPSS, threat intelligence, and risk analysis practices
- Excitement for automation and scalable security practices
- Self-motivated and skilled in creative problem-solving, with the ability to work independently
- Proven ability in multitasking and effective prioritization, even in high-pressure situations
- Capability to influence, efficiently resolve issues, and meet organizational objectives
- Proficient in designing and implementing audit-friendly controls
- Ideally possess financial services or financial technology expertise
- Postgraduate degree in computer sciences or relevant fields highly preferred
- Strong team player, effective in collaborative efforts during challenging circumstances
- Knowledge of standards such as ISO 27001/27002 and the NIST Cybersecurity Framework is a plus
- With 8+ years in cybersecurity, including 4+ years in technical team management
- Certified Cloud Security Professional (CCSP) and blockchain/web3 development familiarity is preferred
Additional Information:
- This role allows for day-one PERM sponsorship for qualified candidates.
Circle is committed to fostering an inclusive financial future, operating with transparency at its core. Compensation is determined by various factors including relevant experience, qualifications, and organizational needs. Beyond a competitive base range, the total compensation package includes annual bonuses, equity, and comprehensive benefits.
Starting Pay Range: $205,000 - $265,000 Annually
Annual Bonus Target: 17.5%
Also Included: Equity & Benefits (medical, dental, vision, 401(k)), discretionary vacation policy, 10 days of paid sick leave, and 11 paid holidays in the U.S.
Circle is an equal opportunity employer, promoting diversity and inclusivity. No discrimination is made based on race, religion, gender, age, or disability status. Moreover, Circle participates in the E-Verify Program where required by law.
PI134264596