Circle is a global financial technology firm that enables businesses of all sizes to harness the power of digital currency & public blockchains for payments, commerce & financial applications worldwide. Circle's platform has supported over 100 million transactions worth tens of billions of dollars, with nearly 10 million retail customers, over a thousand businesses, while storing & securing more than $5 billion in digital currency assets. Circle is also the creator of USD Coin (USDC), the fastest growing, regulated, dollar, which is quickly approaching 10 billion in circulation, growing over 1000% year over year. Today, Circle's transactional services, business accounts, & platform APIs are giving rise to a new generation of financial services & commerce applications that hold the promise of raising global economic prosperity for all through programmable internet commerce.
What youll be part of:
With the mission To raise global economic prosperity through programmable internet commerce, Circle was founded on the belief that blockchains & digital currency will rewire the global economic system, creating a fundamentally more open, inclusive, efficient & integrated world economy. We envision a global economy where people & businesses everywhere can more freely connect & transact with each other with new technologies for digital money. We believe such a system can raise prosperity for people & companies everywhere.
What youll be responsible for:
In 2020, Circle unveiled Circle APIs: a set of solutions & smarter technology to help businesses accept payments in a more global, scalable & efficient alternative to traditional banking rails (spoiler: were using USD Coin under the hood).
Over the next 12 months, were going to rapidly grow our API customer base & enable even more businesses to easily integrate & benefit from the breakthrough of programmable money on the internet.
The Circle Security Team works to protect Circle; our customers, clients, & partners; & the financial markets upon which we rely. The security team leads the companys programs for information security & cybersecurity, business continuity, & vendor risk management.
As a member of this team, youll lead projects & be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn & stay current in a fun & rapidly changing environment.
What youll work on:
- Work with the product management & software engineering teams during all phases of the SDLC to ensure that applications are designed & implemented securely
- Test web applications & underlying systems for vulnerabilities using both tools & manual techniques; manage the remediation of findings through resolution
- Recommend code changes to eliminate vulnerabilities
- Automate security tests within the CI/CD pipeline
- Help develop secure coding standards & training materials based on findings seen in Circles environment to empower engineers to write more secure code
- Research vulnerabilities specific to blockchain technologies & incorporate this knowledge in Circles security practices
- Serve as an escalation point to investigate security alerts & identify incidents
- Investigate vulnerability reports related to Circle products & systems
- Manage vendors to conduct penetration tests & other security-related projects
- Influence the continuous improvement of the application security program
- Support other security team projects such as threat modeling, vulnerability scanning, & audits.
You will aspire to our four core values:
- Multistakeholder - you have dedication & commitment to our customers, shareholders, employees & families & local communities.
- Mindful - you seek to be respectful, an active listener & to pay attention to detail.
- Driven by Excellence - you are driven by our mission & our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity & you work intensely to achieve your goals.
- High Integrity - you seek open & honest communication, & you hold yourself to very high moral & ethical standards. You reject manipulation, dishonesty & intolerance.
What youll bring to Circle:
- Enthusiasm for securing software
- Enthusiasm for breaking software
- Experience with common attack techniques & conducting penetration tests
- Experience designing software security features including, but not limited to, access control features, logging & monitoring features, input validation & session management.
- Experience automating security tests in CI/CD pipelines
- Experience working with SAST & DAST testing processes & tools
- Working knowledge of public & private key cryptography
- Familiarity with techniques for making software robust against common attacks
- Self-motivated & creative problem-solver able to work independently with minimal guidance
- Strong ability to work collaboratively across teams
- Ability to manage multiple competing priorities & use good judgement to establish order of priorities on the fly
- Experience working in financial services or financial technology desired
- Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted
- Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required
- Three or more years of experience as a security engineer or software engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity
- Experience working on applications deployed within AWS highly desirable
- Experience with at least several of the following is highly desirable: Java, Angular JS, REST APIs, JSON, & Python
If you are passionate about finding software vulnerabilities, developing scalable solutions to protect applications, are interested in building something meaningful & would love to work in an entrepreneurial environment, we can't wait to hear from you.
We are an equal opportunity employer & value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.