Principal Security Engineer - Detection and Response
Role details
Job location
Tech stack
Job description
Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values: High Integrity, Future Forward, Multistakeholder, Mindful, and Driven by Excellence. We have built a flexible work environment where new ideas are encouraged and everyone is a stakeholder.
What you'll be responsible for:
The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely.
As a member of this team, you'll lead projects and be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.
Also note that this position will require you to perform on-call duties mainly during working hours to support security operations, and you will assist the team with the occasional night time and weekend incident. We would also like someone with a strong response background and some exposure to insider risk.
What you'll work on:
- Proactively identify and respond to emerging security threats.
- Advance deployment of AI to SOC function.
- Develop plans to manage and maintain core tooling, such as SIEM and Orchestration platforms.
- Identify gaps in our infrastructure, and work with business partners to gain visibility through logging and detection.
- Respond to incidents and collaborate across teams to investigate and resolve.
- Develop detection techniques to identify anomalous behaviors and attacks across the environment.
- Provide security guidance to various organizations throughout the company.
- Support broader security team projects such as threat modeling, vulnerability scanning, audits, and custom tool building.
- Take on-call shifts (every 3rd week and occasional weekend).
Requirements
- Strong ability to work collaboratively across teams during high-stress situations, which sometimes involves after hours work.
- Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly.
- Self-motivated and creative problem-solver able to work independently with minimal guidance.
- Experience/familiarity with Slack, Apple MacOS and GSuite.
We're looking for strong, impactful work experience, which typically includes:
- 10+ years of experience in detection, response, or security engineering.
- 3+ years of experience commanding security incidents, especially those involving engineering.
- Experience working in an AWS + EKS environment required and some exposure to GCP or OCI preferred.
- Hands-on experience using AI tooling both to accelerate work and to address threats, coupled with a strong understanding of the organizational risks AI introduces and strategies to defend against them.
- Extensive knowledge of SIEM, Case Management, and SOAR solutions.
- Knowledge of operating systems, file systems, and memory on MacOS.
- Programming experience in Python, Golang, or similar programming languages.
- Experience with building Detections As Code.
- Professional or hobbyist blockchain exposure is preferred.
You are the right person if you:
- View Security Detection & Response as a data and engineering problem.
- Exude positivity.
- Aren't afraid to share your ideas.
- Meet problems head-on and view them as opportunities.
- Are self-reliant and motivated.
- Communicate fearlessly.
Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.
Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations.
