Lead Security Engineer, Insider Threat and Investigations
Circle is a global financial technology firm that enables businesses of all sizes to harness the power of digital currency and public blockchains for payments, commerce and financial applications worldwide. Circle platforms and products provide a suite of internet-native financial services for payments, treasury infrastructure and capital formation. Circle is also a principal developer of USD Coin (USDC), which has become the fastest-growing dollar digital currency in the world. USDC has grown to over 44+ billion in circulation and supported over $1.7+ trillion in transactions in the past year. Circle’s payments and treasury infrastructure services, available through the Circle Account and APIs, help bridge the legacy financial system and digital currency and blockchain-based finance. Combined, Circle’s suite of services helps companies to participate in a more open, global and inclusive financial system.
What you’ll be part of:
With the mission “To raise global economic prosperity through the frictionless exchange of value,” Circle was founded on the belief that the internet, blockchains and digital currency will rewire the global economic system, creating a fundamentally more open, inclusive, efficient and integrated world economy. We envision a global economy where people and businesses everywhere can more freely connect and transact with each other with new technologies for digital money and internet-native finance. We believe such a system can raise prosperity for people and companies everywhere. Our mission is powered by the values we espouse and which we expect all Circlers to respect. We are Multistakeholder, serving the needs of our customers, our shareholders, our employees and families, our local communities and our world. Furthermore, we are also Mindful, Driven by Excellence, and High Integrity.
What you’ll be responsible for:
In 2020, Circle unveiled Circle APIs: a set of solutions and smarter technology to help businesses accept payments in a more global, scalable and efficient alternative to traditional banking rails (spoiler: we’re using USD Coin under the hood). The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. As a member of this team, you’ll lead projects and be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.
What you'll work on:
- Partnering with stakeholders to help build and implement an Insider Threat Program to fit the company’s needs and goals.
- Leading the development and implementation of automated data access checks across various platforms to help detect abuse and data exfiltration.
- Performing security incident investigations using data analytics and computer forensics.
- Building automation and detection models to support identification of anomalous activity and response activities to mitigate insider threats at scale.
- Identifying gaps in our infrastructure and working with business partners to gain visibility through logging and detection.
- Partnering with stakeholders to contribute to Security Awareness messaging and Training.
You will aspire to our four core values:
- Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
- Mindful - you seek to be respectful, an active listener and to pay attention to detail.
- Driven by Excellence - you are driven by our mission and our passion for customer success, which means you relentlessly pursue excellence, do not tolerate mediocrity and work intensely to achieve your goals.
- High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.
What you’ll bring to Circle:
- Strong ability to work collaboratively across teams during high-stress situations.
- Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly.
- Self-motivated and creative problem-solver able to work independently with minimal guidance.
- Experience/familiarity with Slack, Apple macOS and G Suite.
We’re looking for strong, impactful work experience, which typically includes:
- In-depth knowledge of the insider threat landscape.
- 5+ years experience in security operations such as investigations or Digital Forensics and Incident Response (DFIR).
- Experience with Insider Threat technologies (SIEMs, Data Loss Prevention solutions, host forensic solutions).
- Solid experience in using AWS services such as EC2, S3, Lambda, and RDS.
- Exposure to programming, scripting and query languages such as Python, Golang, bash, SQL.
- Exposure to data science and analytics solutions applicable to the insider threat detection space.
- Knowledge of the Cyber Kill Chain Framework and familiarity with the MITRE ATT&CK Framework.
You are the right person if you:
- View Security Detection & Response as a data and engineering problem.
- Exude positivity.
- Aren't afraid to share your ideas.
- Meet problems head-on and view them as opportunities.
- Are self-reliant and motivated.
- Communicate fearlessly.
This position is eligible for day-one PERM sponsorship for qualified candidates.
We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.