Circle (NYSE: CRCL) is one of the world’s leading internet financial platform companies, building the foundation of a more open, global economy through digital assets, payment applications, and programmable blockchain infrastructure. Circle’s platform includes the world’s largest regulated stablecoin network anchored by USDC, Circle Payments Network for global money movement, and Arc, an enterprise-grade blockchain designed to become the Economic OS for the internet. Enterprises, financial institutions, and developers use Circle to power trusted, internet-scale financial innovation. Learn more at circle.com
What you’ll be part of:
Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values High Integrity, Future Forward, Multistakeholder, Mindful, and Driven by Excellence. We have built a flexible work environment where new ideas are encouraged and everyone is a stakeholder.
What you'll be responsible for:
The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely.
As a member of this team, you'll lead projects and be responsible for key deliverables of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.
This role sits at the intersection of three of Circle's highest-stakes threat surfaces: our blockchain and custody environments (USDC issuance, Arc, on-chain monitoring), our cloud-native infrastructure (AWS + EKS), and the AI tooling Circle adopts internally and ships in product. You'll build detection coverage and response capability across all three; not as a generalist, but as a Principal who can go deep on each.
Also note that this position will require you to perform on-call duties mainly during working hours to support security operations, and you will assist the team with the occasional night time and weekend incident. We would also like someone with a strong response background and some exposure to insider risk.
What you'll work on:
Proactively identify and respond to emerging security threats across cloud, endpoint, blockchain, and AI surfaces.
Build detection and response capability for blockchain and crypto-native threats: on-chain anomalies, custody-vault interactions, wallet abuse, smart contract exploitation, and protocol-level attackers targeting USDC and Circle's blockchain products.
Develop detection coverage for cloud-native attacks across AWS + EKS: IAM compromise, identity federation abuse, lateral movement in containerized workloads, runtime exploitation, and misconfiguration drift.
Extend detection for AI-specific risks: shadow AI adoption, unauthorized AI integrations, agentic workflows and MCP/tool abuse, and AI-driven credential exposure.
Advance deployment of AI to the SOC function including detection triage, enrichment, and analyst-acceleration workflows.
Develop plans to manage and maintain core tooling, such as SIEM and Orchestration platforms.
Identify gaps in our infrastructure, and work with business partners to gain visibility through logging and detection.
Lead and respond to incidents and collaborate across teams to investigate and resolve.
Develop detection techniques to identify anomalous behaviors and attacks across the environment.
Provide security guidance to various organizations throughout the company.
Support broader security team projects such as threat modeling, vulnerability scanning, audits, and custom tool building.
Take on-call shifts (every 3rd week and occasional weekend).
What you'll bring to Circle:
Strong ability to work collaboratively across teams during high-stress situations, which sometimes involves after hours work.
Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly.
Self-motivated and creative problem-solver able to work independently with minimal guidance.
Experience/familiarity with Slack, Apple macOS, and GSuite.
We're looking for strong, impactful work experience, which typically includes:
10+ years of experience in detection, response, or security engineering.
3+ years of experience commanding security incidents, especially those involving engineering.
Deep cloud security knowledge in AWS environments: IAM, identity federation, KMS, EKS/container attack patterns, runtime exploitation, and CSPM tooling (e.g., Wiz). Some exposure to GCP or OCI is preferred.
Working knowledge of blockchain and crypto-native threats: wallet and custody attack patterns, on-chain monitoring, protocol-level risks, and smart contract abuse. Direct experience defending blockchain, custody, or DeFi infrastructure is strongly preferred.
Hands-on experience using AI tooling both to accelerate work and to address threats, coupled with a strong understanding of the organizational risks AI introduces shadow AI, agentic workflows, MCP/tool integrations, and strategies to defend against them.
Extensive knowledge of SIEM, Case Management, and SOAR solutions (e.g., Panther, Tines).
Knowledge of operating systems, file systems, and memory on macOS.
Programming experience in Python, Golang, or similar programming languages.
Experience with building Detections As Code.
You are the right person if you:
View Security Detection & Response as a data and engineering problem.
Exude positivity.
Aren't afraid to share your ideas.
Meet problems head-on and view them as opportunities.
Are self-reliant and motivated.
Communicate fearlessly.
Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.
Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations.
Base Pay Range: €110,000.00 - €170,000.00
We are an equal opportunity employer We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status, or any other protected status required by the laws in the locations where we hire. Additionally, Circle participates in the E-Verify Program in certain locations, as required by law.
Should you require accommodations or assistance in our interview process because of a disability, please reach out to accommodations@circle.com for support. We respect your privacy and will connect with you separately from our interview process to accommodate your needs.
#LI-Remote
Building the Internet Financial Platform — powered by USDC, Arc, and Circle Payments Network.
