Senior Manager, Threat and Vulnerability Management

Circle is a financial technology company at the epicenter of the emerging internet of money, where value can finally travel like other digital data - globally, nearly instantly and less expensively than legacy settlement systems.

This ground-breaking new internet layer opens up previously unimaginable possibilities for payments, commerce and markets that can help raise global economic prosperity and enhance inclusion.

Our infrastructure - including USDC, a blockchain-based dollar - helps businesses, institutions and developers harness these breakthroughs and capitalize on this major turning point in the evolution of money and technology.

What you'll be part of :

Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions.

Speed and efficiency are motivators for our success and our employees live by our company values : Multistakeholder, Mindfulness, Driven by Excellence and High Integrity.

Circlers are consistently evolving in a remote world where strength in numbers fuels team success. We have built a flexible and diverse work environment where new ideas are encouraged and everyone is a stakeholder.

What you'll be responsible for :

Circle is looking for a passionate Security Leader with an expertise in Threat and Vulnerability Management, deep understanding of different Cloud based Infrastructure and a Mac based fleet of devices.

You'll be part of the Security Engineering team and closely partner with the Engineering, Infrastructure, and IT teams responsible for supporting our cloud operations, software development, fleet of devices and endpoints.

What you'll work on :

• Execute and enhance Circle's Threat and Vulnerability Management strategy, implementation, and operationalization
• Actively partner with our Engineering, Infrastructure, and IT teams on the secure development of software, identifying and triaging vulnerabilities, providing remediation guidance, and maintaining SLAs
• Integrate into our current Threat and Vulnerability Management program and perform comprehensive risk assessments
• Recommend and validate Security controls and improvements across our infrastructure and enterprise stack
• Own and build relationships with key stakeholders such as cross-functional leaders and internal auditors
• Produce data-based reports on technology risk for senior management
• Drive continuous improvement in the tech stack

You will aspire to our four core values :

• Multistakeholder - you have dedication and commitment to our customers, shareholders, employees and families and local communities.
• Mindful - you seek to be respectful, an active listener and to pay attention to detail.
• Driven by Excellence - you are driven by our mission and our passion for customer success which means you relentlessly pursue excellence, that you do not tolerate mediocrity and you work intensely to achieve your goals.
• High Integrity - you seek open and honest communication, and you hold yourself to very high moral and ethical standards.

You reject manipulation, dishonesty and intolerance.

What you'll bring to Circle :

• Creative and flexible solutioning as you partner with engineering teams
• Expertise with Cloud vulnerability scanning solutions like Wiz, Prisma Cloud, Qualys, or Amazon Inspector is required.
• Hands-on technical and coding experience with developing, deploying, and integrating vulnerability scanning solutions with technologies such as Terraform, Github, Jira, Python and others, in context of a mid to large Enterprise
• Enterprise program management and reporting with experience setting OKRs and creating KRIs
• Expertise with Cloud Infrastructure in AWS is required, GCP and / or Azure is preferred
• Extensive knowledge of containerization, orchestration and cloud scale solutions
• Expertise with CICD within the SDLC process
• Expertise with Slack, Apple MacOS and GSuite is required.
• Familiarity with CVSS, EPSS, threat intelligence, and performing risk analysis
• Enthusiasm for automation, scalable and reproducible security practices
• Self-motivated and creative problem-solver able to work independently
• Proficiency in managing multiple competing priorities and use good judgment to establish order or priorities on the fly for themselves and their team.
• Ability to influence and expediently resolve issues and achieve organizational objectives
• The ability to design and operate controls that are easy to test and audit
• Experience working in financial services or financial technology desired
• Advanced degree in computer science, or related fields strongly preferred.
• Strong ability to work collaboratively across teams during high-stress situations.
• An understanding of standards such as ISO 27001 / 27002 and the NIST Cybersecurity Framework desirable
• 8+ years of total experience in cybersecurity with at least 4+ years managing technical teams
• Certified Cloud Security Professional (CCSP) and familiarity with blockchain / web3 development is preferred.

Additional Information :

This position is eligible for day-one PERM sponsorship for qualified candidates.

Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.

Starting pay is determined by various factors, including but not limited to : relevant experience, skill set, qualifications, and other business and organizational needs.

Please note that compensation ranges may differ for candidates in other locations.

Base Pay Range : $205,000 - $265,000

Annual Bonus Target : 17.5%

Also Included : Equity & Benefits (including medical, dental, vision and 401(k)). Circle has a discretionary vacation policy.

We also provide 10 days of paid sick leave per year and 11 paid holidays per year in the U.S.

We are an equal opportunity employer and value diversity at Circle. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Additionally, Circle participates in the E-Verify Program in certain locations, as required by law.

LI-Remote