Senior Manager, Threat and Vulnerability Management

Summary

The job is for a Security Leader at financial technology company Circle who will manage threat and vulnerability, partner with engineering teams, and implement security strategies. The candidate should have expertise in cloud-based infrastructure, containerization, orchestration, and cybersecurity.

Requirements

• Creative and flexible solutioning as you partner with engineering teams
• Expertise with Cloud vulnerability scanning solutions like Wiz, Prisma Cloud, Qualys, or Amazon Inspector is required
• Hands-on technical and coding experience with developing, deploying, and integrating vulnerability scanning solutions with technologies such as Terraform, Github, Jira, Python and others, in context of a mid to large Enterprise
• Enterprise program management and reporting with experience setting OKRs and creating KRIs
• Expertise with Cloud Infrastructure in AWS is required, GCP and/or Azure is preferred
• Extensive knowledge of containerization, orchestration and cloud scale solutions
• Expertise with CICD within the SDLC process
• Expertise with Slack, Apple MacOS and GSuite is required
• Familiarity with CVSS, EPSS, threat intelligence, and performing risk analysis
• Enthusiasm for automation, scalable and reproducible security practices
• Self-motivated and creative problem-solver able to work independently
• Proficiency in managing multiple competing priorities and use good judgment to establish order or priorities on the fly for themselves and their team
• Ability to influence and expediently resolve issues and achieve organizational objectives
• The ability to design and operate controls that are easy to test and audit

Responsibilities

• Execute and enhance Circle’s Threat and Vulnerability Management strategy, implementation, and operationalization
• Actively partner with our Engineering, Infrastructure, and IT teams on the secure development of software, identifying and triaging vulnerabilities, providing remediation guidance, and maintaining SLAs
• Integrate into our current Threat and Vulnerability Management program and perform comprehensive risk assessments
• Recommend and validate Security controls and improvements across our infrastructure and enterprise stack
• Own and build relationships with key stakeholders such as cross-functional leaders and internal auditors
• Produce data-based reports on technology risk for senior management
• Drive continuous improvement in the tech stack

Preferred Qualifications

• Experience working in financial services or financial technology desired
• Advanced degree in computer science, or related fields strongly preferred
• Strong ability to work collaboratively across teams during high-stress situations
• An understanding of standards such as ISO 27001/27002 and the NIST Cybersecurity Framework desirable

Benefits

• Base Pay Range: $205,000 - $265,000
• Annual Bonus Target: 17.5%
• Equity & Benefits (including medical, dental, vision and 401(k))
• Circle has a discretionary vacation policy
• We also provide 10 days of paid sick leave per year and 11 paid holidays per year in the U.S