The Security Executive Council
Principal Security Engineer, Security
The Security Executive Council, Washington, District of Columbia, us, 20022
Circle is looking for a passionate Principal Security Engineer with an expertise in Product and BlockChain Security to help drive and implement technical strategies, innovative tooling, research, and processes. You’ll be part of the overall Security Engineering team and closely partner with the Engineering, Infrastructure, and IT teams responsible for supporting our cloud operations, software development, fleet of devices and endpoints.What you'll work on:Work with the product management and software engineering teams during all phases of the SDLC to ensure that applications are designed and implemented securely.Test web3 and web2 applications and underlying systems for vulnerabilities using both tools and manual techniques; manage the remediation of findings through resolution.Recommend code changes to eliminate vulnerabilities.Automate security tests within the CI/CD pipeline.Help develop secure coding standards and training materials based on findings seen in Circle’s environment to empower engineers to write more secure code.Research vulnerabilities specific to blockchain technologies and incorporate this knowledge in Circle’s security practices.Serve as an escalation point to investigate security alerts and identify incidents.Investigate vulnerability reports related to Circle products and systems.Manage vendors to conduct penetration tests and other security-related projects.Influence the continuous improvement of the application security program.Support other security team projects such as threat modeling, vulnerability scanning, and audits.Qualifications:
What you’ll bring to Circle:7+ years of total experience in a cyber security role.4+ years of experience as a security engineer that has been leading and driving projects and developing resolutions in cybersecurity.Enthusiasm for securing and breaking software.Experience with common attack techniques and conducting penetration tests.Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.Experience automating security tests in CI/CD pipelines.Experience working on applications deployed within AWS and GCP.Experience working with Blockchains such as Ethereum, Bitcoin, Solana.Working knowledge of public and private key cryptography.Demonstrated familiarity with techniques for making software robust against common attacks.Self-motivated and creative problem-solver able to work independently with minimal guidance.Demonstrated ability to work collaboratively across geographically distributed teams.Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly.Experience working in financial services or financial technology desired.Bachelor's degree in computer science, computer engineering, cybersecurity or related field. Equivalent experience also accepted.Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required.Experience with at least several of the following is highly desirable: Solidity, Rust, Go, Move, JSON, and Python.Previous experience working in a remote environment is preferred.
#J-18808-Ljbffr
What you’ll bring to Circle:7+ years of total experience in a cyber security role.4+ years of experience as a security engineer that has been leading and driving projects and developing resolutions in cybersecurity.Enthusiasm for securing and breaking software.Experience with common attack techniques and conducting penetration tests.Experience designing software security features including, but not limited to, access control features, logging and monitoring features, input validation and session management.Experience automating security tests in CI/CD pipelines.Experience working on applications deployed within AWS and GCP.Experience working with Blockchains such as Ethereum, Bitcoin, Solana.Working knowledge of public and private key cryptography.Demonstrated familiarity with techniques for making software robust against common attacks.Self-motivated and creative problem-solver able to work independently with minimal guidance.Demonstrated ability to work collaboratively across geographically distributed teams.Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly.Experience working in financial services or financial technology desired.Bachelor's degree in computer science, computer engineering, cybersecurity or related field. Equivalent experience also accepted.Certifications such as CISSP, CEH, or similar will receive favorable consideration but are not required.Experience with at least several of the following is highly desirable: Solidity, Rust, Go, Move, JSON, and Python.Previous experience working in a remote environment is preferred.
#J-18808-Ljbffr