By continuing to use this site you agree to and accept our cookie policy

Senior Security Engineer, Application Security



Circle is a global financial technology firm that enables businesses of all sizes to harness the power of digital currency and public blockchains for payments, commerce and financial applications worldwide. Circle's platform has supported over 100 million transactions worth tens of billions of dollars, with nearly 10 million retail customers, over a thousand businesses, while storing and securing more than $5 billion in digital currency assets. Circle is also a principal developer of USD Coin (USDC), which together with Coinbase and the Centre Consortium oversees the standards and protocol for what has become the fastest growing, regulated, fully-reserved stablecoin. USDC now stands at well over $10 billion market cap and is adding nearly $300 million net new digital dollars in circulation every week. Today, Circle's transactional services, business accounts, and platform APIs are giving rise to a new generation of financial services and commerce applications that hold the promise of raising global economic prosperity for all through programmable internet commerce.

What you’ll be part of:

With the mission “To raise global economic prosperity through programmable internet commerce,” Circle was founded on the belief that blockchains and digital currency will rewire the global economic system, creating a fundamentally more open, inclusive, efficient and integrated world economy. We envision a global economy where people and businesses everywhere can more freely connect and transact with each other with new technologies for digital money. We believe such a system can raise prosperity for people and companies everywhere.

What you’ll be responsible for:

In 2020, Circle unveiled : a set of solutions and smarter technology to help businesses accept payments in a more global, scalable and efficient alternative to traditional banking rails (spoiler: we’re using USD Coin under the hood).

Over the next 12 months, we’re going to rapidly grow our API customer base and enable even more businesses to easily integrate and benefit from the breakthrough of programmable money on the internet.

The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. The security team leads the company’s programs for information security and cybersecurity, business continuity, and vendor risk management.

As a member of this team, you’ll lead projects and be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.

What you’ll work on:

Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely

Test web applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution

Recommend code changes to eliminate vulnerabilities

Automate security tests within the CI/CD pipeline

Help develop secure coding standards and training materials based on findings seen in Circle’s environment to empower engineers to write more secure code

Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle’s security practices

Serve as an escalation point to investigate security alerts and identify incidents

Investigate vulnerability reports related to Circle products and systems

Manage vendors to conduct penetration tests and other security-related projects

Influence the continuous improvement of the application security program

Support other security team projects such as threat modeling, vulnerability scanning, and audits.

You will aspire to our four core values:

Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.

Mindful - you seek to be respectful, an active listener and to pay attention to detail.

Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.

High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.

What you’ll bring to Circle:

Enthusiasm for securing software

Enthusiasm for breaking software

Experience with common attack techniques and conducting penetration tests

Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.

Experience automating security tests in CI/CD pipelines

Experience working with SAST and DAST testing processes and tools

Working knowledge of public and private key cryptography

Familiarity with techniques for making software robust against common attacks

Self-motivated and creative problem-solver able to work independently with minimal guidance

Strong ability to work collaboratively across teams

Ability to manage multiple competing priorities and use good judgement to establish order of priorities on the fly

Experience working in financial services or financial technology desired

Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted

Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required

Three or more years of experience as a security engineer or software engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity

Experience working on applications deployed within AWS highly desirable

Experience with at least several of the following is highly desirable: Java, Angular JS, REST APIs, JSON, and Python

If you are passionate about finding software vulnerabilities, developing scalable solutions to protect applications, are interested in building something meaningful and would love to work in an entrepreneurial environment, we can't wait to hear from you.

We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.


Share this job

Similar jobs