Director of Security Operations - DFIR

  • Circle
  • 5801 S Ellis Ave, Chicago, IL 60637, USA
  • Mar 14, 2021

Job Description

Circle is a global financial technology firm that enables businesses of all sizes to harness the power of digital currency and public blockchains for payments, commerce and financial applications worldwide. Circle's platform has supported over 100 million transactions worth tens of billions of dollars, with nearly 10 million retail customers, over a thousand businesses, while storing and securing more than $5 billion in digital currency assets. Circle is also the creator of USD Coin (USDC), the fastest growing, regulated, dollar, which is quickly approaching 10 billion in circulation, growing over 1000% year over year. Today, Circle's transactional services, business accounts, and platform APIs are giving rise to a new generation of financial services and commerce applications that hold the promise of raising global economic prosperity for all through programmable internet commerce.

What you'll be part of:

With the mission "to raise global economic prosperity through programmable internet commerce," Circle was founded on the belief that blockchains and digital currency will rewire the global economic system, creating a fundamentally more open, inclusive, efficient and integrated world economy. We envision a global economy where people and businesses everywhere can more freely connect and transact with each other with new technologies for digital money. We believe such a system can raise prosperity for people and companies everywhere. Our mission is powered by the values we espouse and which we expect all Circlers to respect. We are Multistakeholder, serving the needs of our customers, our shareholders, our employees and families, our local communities and our world. Furthermore, we are also Mindful, Driven by Excellence, and High Integrity.

What you'll be responsible for:

In 2020, Circle unveiled Circle APIs: a set of solutions and smarter technology to help businesses accept payments through a more global, scalable and efficient alternative to traditional banking rails (spoiler: we're using USD Coin under the hood).

Over the next 12 months, we're going to rapidly grow our API customer base and enable even more businesses to easily integrate and benefit from the breakthrough of programmable money on the internet.

The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. The security team leads the company's programs for information security and cybersecurity, business continuity, and vendor risk management.

As a senior leader within the Security team, you'll lead and be responsible for key areas of the security program while collaborating across Circle teams. You will continue to learn and stay current in a fun and rapidly changing environment.

What you'll work on:
  • Lead the Security Operations Center team to develop, as necessary, follow-the-sun incident response capabilities
  • Establish policies and develop procedures for all aspects of security operations, focusing on threat modeling, threat hunting, digital forensics and incident response, and vulnerability management.
  • Recruit and develop team members to support all aspects of security operations
  • Build relationships with peers across the organization to develop effective, cross-departmental investigation and response capabilities
  • As a hands-on, technical leader, build relationships with systems owners to proactively develop and deploy security event detection and incident response technologies
  • As a hands-on, technical leader, respond to security events by collecting artifacts, conducting investigations, containing adversaries, and recovering business capabilities
  • Configure and maintain security monitoring tools such as antivirus or intrusion detection solutions
  • Use tools such as AWS Athena, AWS GuardDuty, AWS CloudWatch, AWS Lambda, and ELK to record, monitor, and alert on security events.
  • Research and recommend new tools in support of business requirements
  • Escalate and report on incidents in accordance with policy and operational requirements.
  • Conduct forensics analysis on artifacts collected during incident response.
  • Hunt for incidents and identify environment-specific indicators of compromise
  • Model threats specific to the cryptocurrency industry and build detection capabilities specific to Circle's business
  • Take on-call shifts to respond to critical alerts after-hours
  • Support other security team projects such as threat modeling, vulnerability scanning, and audits.
  • Support the development and enhancement of controls based on incident response and threat hunting.
  • Lead the continuous improvement of the digital forensics and incident response program

You will aspire to our four core values:
  • Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
  • Mindful - you seek to be respectful, an active listener and to pay attention to detail.
  • Driven by Excellence - you are driven by our mission and our passion for customer success, which means that you relentlessly pursue excellence, do not tolerate mediocrity, and work intensely to achieve your goals.
  • High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards. You reject manipulation, dishonesty and intolerance.

What you'll bring to Circle:
  • Enthusiasm for scalable, reproducible security management
  • Proven team building and team leadership experience
  • Deep knowledge of SIEM solutions, threat hunting, incident response, and incident management
  • Strong ability to work collaboratively across teams during high-stress situations
  • Self-motivated and creative problem-solver able to work independently with minimal guidance
  • Ability to manage multiple competing priorities and use good judgement to establish order of priorities on the fly
  • Experience working with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework highly desirable
  • Experience working in financial services or financial technology desired
  • Bachelor's degree in computer science, computer engineering, cybersecurity or related field; equivalent experience also accepted
  • Certifications such as CISSP, GCFA, GNFA, GCIA, GCIH or similar will receive favorable consideration but are not required
  • 10+ years of overall technology experience with a minimum of five years (can be overlapping) with a focus on cybersecurity.
  • 5+ years of experience managing others
  • Experience working in an AWS environment required
  • Ability to use Python to automate repetitive tasks

If you find it rewarding to see your work scale through automation, are interested in building something meaningful, and would love to work in an entrepreneurial environment, we can't wait to hear from you.

We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.