This job has expired
This position was posted on December 19, 2025 and is likely no longer accepting applications. We've kept it here for historical reference.

Job Overview
Location: United Kingdom
Job Type: Full-time
Category: Security Engineer
Date Posted: December 19, 2025
Full Job Description
📋 Description
- Lead the charge in safeguarding Circle’s global financial infrastructure by architecting and operating the next-generation Detection & Response program for EMEA. You will be the senior technical authority who turns threat intelligence into engineered controls, protecting billions of dollars in digital assets and the trust of millions of users.
- Own the full lifecycle of threat detection—from ideation and data-source onboarding to rule-as-code deployment and continuous tuning—ensuring that every alert is enriched, actionable, and aligned to business risk. You will write and review Python or Golang-based detection logic, shepherd it through CI/CD, and measure efficacy with statistical rigor.
- Serve as incident commander during high-severity security events, coordinating engineering, product, legal, and communications teams under pressure. You will author post-mortems that drive systemic fixes and feed back into the detection backlog, turning each incident into an opportunity to raise the bar.
- Advance the use of AI inside the SOC: design prompt-driven playbooks, fine-tune models for alert triage, and build guardrails that mitigate adversarial abuse of generative AI. You will evangelize these innovations across Circle, mentoring analysts and engineers on safe, ethical AI adoption.
- Architect and maintain core tooling—SIEM, SOAR, case management, and orchestration platforms—ensuring 99.9% uptime, cost-effective log retention, and seamless integration with AWS, EKS, GCP, and OCI. You will negotiate with vendors, write Terraform modules, and automate everything that can be automated.
- Close visibility gaps by partnering with infrastructure, DevOps, and product teams to standardize logging, implement eBPF-based sensors, and deploy memory-forensics agents on macOS endpoints. You will translate compliance and threat-model requirements into concrete telemetry specs.
- Provide expert security guidance during the design and launch of new products—ranging from programmable wallets to cross-chain settlement layers—by conducting threat modeling sessions, reviewing architecture diagrams, and embedding detection requirements into user stories.
- Contribute to the broader security portfolio: run targeted vulnerability scans against smart-contract endpoints, build custom tools for blockchain analytics, and support audits that validate the integrity of USDC reserves and on-chain transactions.
- Participate in an on-call rotation (roughly every third week plus occasional weekends), responding to alerts within SLA, documenting runbooks, and ensuring seamless handoffs between EMEA and US time zones. You will treat on-call not as a burden, but as a chance to refine telemetry and reduce noise.
- Champion a culture of psychological safety and continuous learning. You will host lunch-and-learns on macOS internals, run purple-team exercises, and celebrate wins loudly—because resilient security starts with resilient people.
🎯 Requirements
- 10+ years of hands-on experience in detection engineering, incident response, or security engineering roles within internet-scale, cloud-native environments.
- Proven track record (3+ years) of commanding security incidents end-to-end, including root-cause analysis, stakeholder communication, and long-term remediation.
- Deep expertise operating and tuning SIEM, SOAR, and case-management platforms; experience with Detection-as-Code workflows and version-controlled rule repositories.
- Strong programming skills in Python, Golang, or similar languages; ability to write production-grade automation and integrate APIs across AWS, EKS, GCP, or OCI.
- Hands-on experience leveraging AI tooling to accelerate SOC operations and defend against AI-driven threats; understanding of LLM risks and mitigations.
🏖️ Benefits
- Fully remote, flexible work environment with a stipend for home-office setup and high-speed internet.
- Competitive compensation package including equity, performance bonus, and a generous 401(k) or local pension equivalent.
- Annual learning & development budget (conferences, certifications, courses) plus dedicated time for research and open-source contributions.
- Comprehensive health, dental, vision, and mental-wellness coverage for you and eligible dependents, plus 20 days PTO and 10 company-wide recharge days.
About Circle Internet Financial Limited
Circle Internet Financial Limited operates a global financial technology platform that issues USDC, a dollar-pegged stablecoin, and provides payment, treasury, and digital asset infrastructure to businesses and developers. Founded in 2013 and headquartered in Boston, the firm is licensed as a money transmitter across the United States and holds electronic money institution authorizations in Europe and Bermuda. Its services include programmable wallets, on- and off-ramps, compliance tools, and APIs that enable merchants, exchanges, and institutions to move value on public blockchains at scale while meeting regulatory requirements.



