Key skills
Cloud InfrastructureBlockchain technologiesApplication securityInfrastructure as codeContainerizationCybersecurityISO 27001/27002NIST Cybersecurity FrameworkFinancial services experienceSlackApple MacOSGSuiteAWSAzureGCPBlockchainEthereumOWASPCloud Security
About this role
Circle is one of the world’s leading internet financial platform companies, building the foundation of a more open, global economy through digital assets and programmable blockchain infrastructure. The Senior Principal Security Engineer will be responsible for developing and implementing the Cloud Security strategy and working closely with Infrastructure teams to enhance the security posture of Circle's cloud-based services.
Responsibilities:
- Actively partner with the Senior Director, Security Engineering on the Cloud Security strategy, implementation and operationalization
- Actively partner with our Infrastructure teams on the development and deployment of the Arc chain and supporting services
- Evolve, fine tune and expand our current Cloud Security posture across multiple platforms, cloud providers and systems
- Develop infrastructure requirements, security controls and delivery pipeline for third party validators running Arc nodes
- Recommend and validate Security controls and improvements across our infrastructure stack
- Own and build relationships with key external stakeholders such as customers, vendors, and auditors
- Produce data-based reports on technology risk for senior management
- Drive continuous improvement in the tech stack
Requirements:
- 15+ years of experience as a security engineer or infrastructure security engineering with a minimum of five years (can be overlapping) with a focus on cybersecurity
- Expertise with Cloud Infrastructure like AWS, GCP or Azure
- Expertise with running Blockchain nodes for different blockchains such as Ethereum, Cosmos, Solana and others
- Extensive knowledge of secure best practices for Cloud based Infrastructure
- Extensive knowledge of containerization, orchestration and cloud scale solutions
- You speak and write in Infrastructure as code, with an enthusiasm for automation, scalable and reproducible security practices
- Self-motivated and creative problem-solver able to work independently
- Proficiency in managing multiple competing priorities and use good judgment to establish order or priorities on the fly for themselves and their team
- Ability to influence internal and external customers to expediently resolve issues and achieve organizational objectives
- The ability to design and operate controls that are easy to test and audit
- Experience with application security including standards like OWASP, tools like Burp Suite, and secure coding practices is a requirement
- Experience working in financial services or financial technology desired
- Advanced degree in computer science, or related fields strongly preferred
- An understanding of standards such as ISO 27001/27002 and the NIST Cybersecurity Framework desirable
- Experience/familiarity with Slack, Apple MacOS and GSuite