Lead Security Engineer, Detection and Response

United States

Circle is a financial technology company at the epicenter of the emerging internet of money, where value can finally travel like other digital data — globally, nearly instantly and less expensively than legacy settlement systems. This ground-breaking new internet layer opens up previously unimaginable possibilities for payments, commerce and markets that can help raise global economic prosperity and enhance inclusion. Our infrastructure – including USDC, a blockchain-based dollar – helps businesses, institutions and developers harness these breakthroughs and capitalize on this major turning point in the evolution of money and technology.

What you'll be part of:

Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values: Multistakeholder, Mindfulness, Driven by Excellence and High Integrity. Circlers are consistently evolving in a remote world where strength in numbers fuels team success. We have built a flexible and diverse work environment where new ideas are encouraged and everyone is a stakeholder.

What you'll be responsible for:

The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. The security team leads the company's programs for information security and cybersecurity, business continuity, and vendor risk management.

As a member of this team, you'll be responsible for leading technical response efforts and other types of incidents. Acting as a team technical consultant, you'll help find the root cause of incidents and events involving our cloud infrastructure (primarily AWS) and codebase. We need someone who can rip through logs, coordinate with technical peers and put the pieces together, and who has a knack for that “a-ha” moment when it feels like all possibilities are exhausted.

You will also have responsibility for writing detections, and the ideal candidate will have some ability to help maintain the team's technology stack and log pipelines that feed our SIEM, TIP and other security tools.

You will continue to learn and stay current in a fun and rapidly changing environment.

Also note that this is a small, global team, and the position will require you to perform on-call duties during working hours to support security operations and to assist the team with the occasional nighttime and weekend incidents.

What you'll work on:

  • Respond to incidents and collaborate across teams to investigate and resolve.
  • Command large-scale, multi-stakeholder incidents when needed.
  • Write and implement detection-as-code to identify anomalous behaviors and attacks across the environment.
  • Drive development and improvements in security incident and event management, and security orchestration and automation.
  • Build and leverage relationships with peer teams in TechOps, engineering and product.
  • Help with playbook and response plan design and implementation.
  • Participate in a global on-call rotation to help respond to security alerts and incident escalations.
  • You will aspire to our four core values:
      • Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
      • Mindful - you seek to be respectful, an active listener and to pay attention to detail.
      • Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.
      • High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.

What you'll bring to Circle:

  • 5+ years of experience as an incident responder in a cloud environment (ideally AWS, but not required). Background as a security engineer, site reliability engineer, cloudops engineer or systems engineer with strong cybersecurity exposure would also be considered as long as you have experience as a first responder.
  • Very strong technical and leadership skills in Incident Response and Threat Detection with proven experience as an Incident Commander.
  • Strong upward communication skills.
  • Creative problem-solver.
  • Strong ability to work collaboratively across teams during high-stress situations.
  • Experience helping manage SIEM and SOAR solutions.
  • Experience with SQL is required and knowledge of Python (or other similar language) is preferred.
  • Familiarity with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework is desirable.
  • Experience working in financial services or financial technology desired.
  • Proficiency in Google Suite, Slack and Apple macOS preferred.
  • Ability to manage data from various sources, such as S3 buckets, syslog, network devices, endpoints, and API sources is a plus.
  • Preferably located in Eastern or Central Time Zones, but not a limiting factor.
  • Senior engineers looking for the next step in their careers are encouraged to apply.

Additional Information:

  • This position is eligible for day-one PERM sponsorship for qualified candidates.
  • Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.

    Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations.

    Base Pay Range: $172,500 - $227,500

    Annual Bonus Target: 15%

    Also Included: Equity & Benefits (including medical, dental, vision and 401(k)). Circle has a discretionary vacation policy. We also provide 10 days of paid sick leave per year and 11 paid holidays per year in the U.S.

    We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. Additionally, Circle participates in the E-Verify Program in certain locations, as required by law.


    Job details


    March 27, 2024

    Application deadline

    April 26, 2024
