Senior Security Engineer, Application Security
Miami - will also consider remote in US
CircleCircle helps businesses and developers harness the power of digital currency stablecoins, like USDC, for payments and internet commerce. Learn more!
Circle is a global financial technology firm that enables businesses of all sizes to harness the power of digital currency and public blockchains for payments, commerce and financial applications worldwide. Circle platforms and products provide a suite of internet-native financial services for payments, treasury infrastructure and capital formation. Circle is also a principal developer of USD Coin (USDC), which has become the fastest growing dollar digital currency in the world. USDC has grown to over 44+ billion in circulation and supported over $1.7+ trillion in transactions in the past year. Circle’s payments and treasury infrastructure services available through the Circle Account and APIs helps bridge the legacy financial system and digital currency and blockchain based finance. Combined, Circle’s suite of services helps companies to participate in a more open, global and inclusive financial system.
What you’ll be part of:
With the mission “To raise global economic prosperity through the frictionless exchange of value,” Circle was founded on the belief that the internet, blockchains and digital currency will rewire the global economic system, creating a fundamentally more open, inclusive, efficient and integrated world economy. We envision a global economy where people and businesses everywhere can more freely connect and transact with each other with new technologies for digital money and internet-native finance. We believe such a system can raise prosperity for people and companies everywhere. Our mission is powered by the values we espouse and which we expect all Circlers to respect. We are Multistakeholder, serving the needs of our customers, our shareholders, our employees and families, our local communities and our world. Furthermore, we are also Mindful, Driven by Excellence, and High Integrity.
What you’ll be responsible for:
In 2020, Circle unveiled Circle APIs: a set of solutions and smarter technology to help businesses accept payments in a more global, scalable and efficient alternative to traditional banking rails (spoiler: we’re using USD Coin under the hood).
Over the next 12 months, we’re going to rapidly grow our API customer base and enable even more businesses to easily integrate and benefit from the breakthrough of programmable money on the internet.
The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. The security team leads the company’s programs for information security and cybersecurity, business continuity, and vendor risk management.
As a member of this team, you’ll lead projects and be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.
What you’ll work on:
- Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely
- Test web applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution
- Recommend code changes to eliminate vulnerabilities
- Automate security tests within the CI/CD pipeline
- Help develop secure coding standards and training materials based on findings seen in Circle’s environment to empower engineers to write more secure code
- Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle’s security practices
- Serve as an escalation point to investigate security alerts and identify incidents
- Investigate vulnerability reports related to Circle products and systems
- Manage vendors to conduct penetration tests and other security-related projects
- Influence the continuous improvement of the application security program
- Support other security team projects such as threat modeling, vulnerability scanning, and audits.
You will aspire to our four core values:
- Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
- Mindful - you seek to be respectful, an active listener and to pay attention to detail.
- Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.
- High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.
What you’ll bring to Circle:
- Enthusiasm for securing software
- Enthusiasm for breaking software
- Experience with common attack techniques and conducting penetration tests
- Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.
- Experience automating security tests in CI/CD pipelines
- Experience working with SAST and DAST testing processes and tools
- Working knowledge of public and private key cryptography
- Familiarity with techniques for making software robust against common attacks
- Self-motivated and creative problem-solver able to work independently with minimal guidance
- Strong ability to work collaboratively across teams
- Ability to manage multiple competing priorities and use good judgement to establish order of priorities on the fly
- Experience working in financial services or financial technology desired
- Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted
- Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required
- Three or more years of experience as a security engineer or software engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity
- Experience working on applications deployed within AWS highly desirable
- Experience with at least several of the following is highly desirable: Java, Angular JS, REST APIs, JSON, and Python
If you are passionate about finding software vulnerabilities, developing scalable solutions to protect applications, are interested in building something meaningful and would love to work in an entrepreneurial environment, we can't wait to hear from you.
- This position is eligible for day-one PERM sponsorship for qualified candidates.
We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.#LI-Remote
* Salary range is an estimate based on our salary survey 💰
Perks/benefits: Career development
More jobs like this
Remote- US, Canada, UK, … Remote- US, Canada, UK, Germany Full TimeSenior Senior-levelUSD 56K - 104K * USD 56K+ *
Sr. Software Engineer (Security)Application security Audits Cryptography Machine Learning Open Source OWASP PKI +2
Career development Equity Flex hours Flex vacation Health care +3
Explore more InfoSec/Cybersecurity career opportunities
Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.
- Open Information Security Officer jobs
- Open SOC Analyst jobs
- Open Staff Product Security Engineer jobs
- Open Senior SOC Analyst jobs
- Open Information Security Specialist jobs
- Open IT Security Engineer jobs
- Open Head of Information Security jobs
- Open Security Consultant jobs
- Open Lead Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Information System Security Officer (ISSO) jobs
- Open Infrastructure Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Staff Application Security Engineer jobs
- Open Senior Infrastructure Security Engineer jobs
- Open Sr. Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Senior Information Security Engineer jobs
- Open Staff Security Engineer jobs
- Open IT Security Analyst jobs
- Open Senior Cybersecurity Engineer jobs
- Open Senior Security Analyst jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Offensive Security Engineer jobs
- Open Senior Air Defense/BMD Subject Matter Expert jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open GCP-related jobs
- Open Network security-related jobs
- Open Governance-related jobs
- Open Risk assessment-related jobs
- Open SaaS-related jobs
- Open Forensics-related jobs
- Open ISO 27001-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open Java-related jobs
- Open Threat intelligence-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open Analytics-related jobs
- Open Cryptography-related jobs
- Open Kubernetes-related jobs
- Open CISM-related jobs
- Open DevSecOps-related jobs
- Open APIs-related jobs
- Open IAM-related jobs
- Open PowerShell-related jobs
- Open TCP/IP-related jobs
- Open CI/CD-related jobs