Senior Security Engineer
Posted on 11/22/2022
Remote in USA • Dorchester, Boston, MA, USA
- Enthusiasm for securing software
- Enthusiasm for breaking software
- Experience with common attack techniques and conducting penetration tests
- Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management
- Experience automating security tests in CI/CD pipelines
- Experience working with SAST and DAST testing processes and tools
- Working knowledge of public and private key cryptography
- Familiarity with techniques for making software robust against common attacks
- Self-motivated and creative problem-solver able to work independently with minimal guidance
- Strong ability to work collaboratively across teams
- Ability to manage multiple competing priorities and use good judgement to establish order of priorities on the fly
- Experience working in financial services or financial technology desired
- Bachelor's degree in computer science, computer engineering, cybersecurity or related field Equivalent experience also accepted
- Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required
- Three or more years of experience as a security engineer or software engineer with a minimum of two years (can be overlapping) with a focus on cybersecurity
- Experience working on applications deployed within AWS highly desirable
- Experience with at least several of the following is highly desirable: Java, Angular JS, REST APIs, JSON, and Python
- This position is eligible for day-one PERM sponsorship for qualified candidates
- Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely
- Test web applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution
- Recommend code changes to eliminate vulnerabilities
- Automate security tests within the CI/CD pipeline
- Help develop secure coding standards and training materials based on findings seen in Circle's environment to empower engineers to write more secure code
- Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle's security practices
- Serve as an escalation point to investigate security alerts and identify incidents
- Investigate vulnerability reports related to Circle products and systems
- Manage vendors to conduct penetration tests and other security-related projects
- Influence the continuous improvement of the application security program
- Support other security team projects such as threat modeling, vulnerability scanning, and audits
- Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities
- Mindful - you seek to be respectful, an active listener and to pay attention to detail
- Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals
- High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance
Platform for businesses to accept payments and send payouts
Circle's mission is to raise global economic prosperity through programmable internet commerce. The company is a global financial technology firm that’s at the center of digital currency innovation and open financial infrastructure.
- Paid time off - We offer flexible paid time off — take what you need as long as it works with you and your team, and all Circle employees get mobile phone and home office reimbursements.
- Health coverage - No matter where you live, we offer a market competitive suite of benefits. Enroll in health, dental, vision, disability, and life insurances, and Circle covers some or all of the premiums.
- Invested in your future - All U.S. full-time and part-time employees enjoy 401(k) and pensions (with 4% company match if you contribute 5% or more), and share Circle’s success via company equity awards.
- Learning & development - Your individual growth and development is important to us and we provide the resources to help you grow your career while at Circle.
Company Core Values
- We are Multistakeholder - As an institution, we exist in a broad stakeholder context, which means that we must organize, incentivize and measure ourselves against meeting the needs of all of our stakeholders — our customers, our shareholders, our employees and families, our local communities and our world.
- We are Mindful - We seek to be present and aware, to be respectful, active listeners (with each other and with our customers alike), and to pay attention to detail. We don’t rush to judgement, and when we are swept up by strong emotions we patiently observe and acknowledge them and try to not just react. Our mindfulness leads to better understanding, and more respectful, careful and deliberate choices.
- We are Driven by Excellence - We are driven by our mission and our passion for customer success. Being driven also means that we relentlessly pursue excellence, that we do not tolerate mediocrity, that we reward based on merit, and that we work intensely to achieve our goals. Being driven doesn’t mean that we are assholes and plough over people or tolerate a culture of aggressiveness. We are a team. Part of our drive is to bring everyone along in our collective achievement.
- We are High Integrity - We seek open and honest communication, and hold ourselves to very high moral and ethical standards. When we say we will do something, we do it. When we are having difficulty and need help, we talk about it. We treat each other and our customers with the utmost respect. We reject manipulation, dishonesty and intolerance. We welcome vulnerability and uncertainty, which needs to be listened to in order to bring people along, and helps us to constantly learn and improve. Our customers and partners implicitly experience us as high integrity, and our customer centric choices demonstrate this to them again and again.