Circle is hiring a
Principal Security Engineer

Summary

The job is for a Principal Security Engineer at Circle, a financial technology company focusing on blockchain and digital currency. The role involves leading security projects, testing applications for vulnerabilities, automating security tests, developing secure coding standards, researching blockchain-specific vulnerabilities, and supporting other security team projects.

Requirements

• 7+ years of total experience in a cyber security role
• 4+ years of experience as a security engineer that has been leading and driving projects and developing resolutions in cybersecurity

Responsibilities

• Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely
• Test web3 and web2 applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution
• Recommend code changes to eliminate vulnerabilities
• Automate security tests within the CI/CD pipeline
• Help develop secure coding standards and training materials based on findings seen in Circle’s environment to empower engineers to write more secure code
• Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle’s security practices
• Serve as an escalation point to investigate security alerts and identify incidents
• Investigate vulnerability reports related to Circle products and systems
• Manage vendors to conduct penetration tests and other security-related projects
• Influence the continuous improvement of the application security program
• Support other security team projects such as threat modeling, vulnerability scanning, and audits

Preferred Qualifications

• Experience working on applications deployed within AWS and GCP
• Experience working with Blockchains such as Etherium, Bitcoin, Solana
• Working knowledge of public and private key cryptography
• Demonstrated familiarity with techniques for making software robust against common attacks
• Self-motivated and creative problem-solver able to work independently with minimal guidance
• Demonstrated ability to work collaboratively across geographically distributed teams
• Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly
• Experience working in financial services or financial technology desired
• Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted
• Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required
• Experience with at least several of the following is highly desirable: Solidity, Rust, Go, Move, JSON, and Python
• Previous experience working in a remote environment is preferred

Benefits

An appetite for work travel when needed