Senior Security Engineer, Detection and Response
Circle is a financial technology company positioned at the forefront of the emerging internet of money, delivering a platform where value can seamlessly travel like other digital data worldwide, almost instantly, and at a lower cost compared to traditional settlement systems. This innovative internet layer introduces unprecedented opportunities for payments, commerce, and markets to elevate global economic prosperity and foster inclusivity. Our infrastructure, inclusive of the blockchain-based dollar, USDC, empowers businesses, institutions, and developers to leverage these advancements and capitalize on the significant shift in the convergence of money and technology.
What You Will Be Involved In
At Circle, transparency and reliability are foundational to all our operations. Our expansion into some of the world's most influential jurisdictions underscores our commitment to speed, efficiency, and the cultivation of an employee base guided by our core values: Multistakeholder, Mindfulness, Driven by Excellence, and High Integrity. A remote working environment fuels continuous evolution and success through teamwork, openness to new ideas, and a culture of shared ownership.
What You Will Do
Circle recently introduced Circle APIs, offering advanced solutions and innovative technologies to facilitate global, scalable, and efficient payment acceptance as an alternative to traditional banking systems. The Security Team at Circle diligently safeguards the organization, its customers, clients, and partners, along with the financial markets that underpin our operations. As a part of this team, you will oversee projects and deliver essential components of the security program while fostering collaboration across various teams at Circle. You will need to adapt to a dynamic and fast-paced environment that thrives on ongoing learning and staying updated with industry trends.
This role will require you to engage in on-call responsibilities primarily during regular working hours to support security operations. There may be periodic needs for assistance outside normal working hours and on weekends to address security incidents effectively. We seek individuals with a solid background in response and exposure to insider risks.
Key Responsibilities
- Proactively identifying and responding to emerging security threats
- Identifying deficiencies in our infrastructure and working with partners to enhance monitoring and detection capabilities
- Responding to incidents and collaborating across teams to investigate and resolve issues
- Developing detection methods to spot abnormal activities and threats across the environment
- Providing support for insider risk investigations during off-hours in the US timezone
- Configuring and managing security monitoring tools like EDR and intrusion detection systems
- Driving advancements in Security Incident and Event Management, Case Management, and Automation
- Offering security guidance to various departments within the organization
- Assisting in broader security team initiatives including threat assessments, vulnerability scanning, audits, and tool development
- Participating in on-call rotations to address critical alerts after usual working hours
What You'll Contribute to Circle
- Collaborative teamwork during high-pressure situations
- Effective management of concurrent priorities, with the ability to adapt and prioritize promptly
- Self-motivation and a problem-solving mindset to work autonomously with minimal supervision
- Familiarity or experience with Slack, Apple macOS, and G Suite
Qualifications and Experience
- Bachelor's degree in computer science, computer engineering, cybersecurity, or relevant fields
- 4+ years of experience in detection, response, or security engineering
- Familiarity with Cybersecurity regulations, MAS notices, and guidelines on cybersecurity
- Profound understanding of SIEM, Case Management, and SOAR solutions
- Leadership experience in handling security incidents at all levels
- Knowledge of macOS operating systems, file systems, and memory
- Background in working within a Security Operations Center (SOC) or dedicated security incident response team
- Experience in investigating insider-related incidents
- Programming skills in Python, Golang, or similar languages
- Proficiency in developing Detections as Code
- Previous exposure to AWS environments, ideally in financial services or financial technology domains
- Experience or familiarity with Slack, Apple macOS, and G Suite
Ideal Candidate Traits
- A view of Security Detection & Response as both a data and engineering challenge
- Positivity in approach and communication
- Willingness to share innovative ideas openly
- Problem-solving attitude with a proactive mindset to tackle challenges head-on
- Self-reliant, motivated, and fearless in communication
