Lead Security Engineer, Detection & Response (Data Platform)

Circle (NYSE: CRCL) is one of the world's leading internet financial platform companies, building the foundation of a more open, global economy through digital assets, payment applications, and programmable blockchain infrastructure. Circle's platform includes the world's largest regulated stablecoin network anchored by USDC, Circle Payments Network for global money movement, and Arc, an enterprise-grade blockchain designed to become the Economic OS for the internet. Enterprises, financial institutions, and developers use Circle to power trusted, internet-scale financial innovation. Learn more at circle.com .
What you'll be part of:
Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values : High Integrity, Future Forward, Multistakeholder, Mindful, and Driven by Excellence. We have built a flexible work environment where new ideas are encouraged and everyone is a stakeholder.
What you'll be responsible for:
The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely.
As a member of this team, you will serve as the technical owner of Circle's security data platform, responsible for ensuring that security telemetry across internal and external systems is correctly architected, ingested, normalized, and leveraged to drive detection and response outcomes.
You will lead critical initiatives across both security operations, collaborating across engineering and business teams to scale our capabilities as the company grows.
Also note that this position will require you to perform on-call duties mainly during working hours to support security operations, and you will assist the team with the occasional night time and weekend incident.
What you'll work on:

• Own the architecture, design, and evolution of Circle's security data platform, ensuring scalable ingestion, normalization, enrichment, and delivery of telemetry across a growing and complex set of internal and external data sources.
• Design and implement ETL/ELT pipelines for high-volume security data to support reliable detection, investigation, and response workflows.
• Build and maintain streaming and batch data pipelines to enable real-time detection and retrospective security analysis.
• Define and enforce data standards, schemas, and normalization frameworks to ensure consistent and high-quality telemetry across systems.
• Evaluate and optimize log ingestion, parsing, and preprocessing pipelines to improve performance and downstream usability in SIEM and analytics platforms.
• Act as a senior member of the Detection & Response function, participating in incident response, investigation, and resolution of security events.
• Develop and enhance detections, playbooks, and response workflows, leveraging high-quality telemetry and automation.
• Identify gaps in visibility during incidents and drive systemic improvements in logging, data ingestion, and detection coverage.
• Provide strategic direction and roadmap for the evolution of security data architecture and detection capabilities as the business scales.
• Take on-call shifts (every 3rd week and occasional weekend).

What you'll bring to Circle:

• Strong ability to work collaboratively across teams during high-stress situations, which sometimes involves after hours work.
• Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly.
• Self-motivated and creative problem-solver able to work independently with minimal guidance.
• Strong communication skills, with the ability to translate complex technical concepts into clear recommendations.

We're looking for strong, impactful work experience, which typically includes:

• 8 - 10+ years of experience in security engineering, detection & response, or data engineering.
• Proven experience designing and operating large-scale data pipelines (ETL/ELT) in cloud environments.
• Experience building or owning security data platforms or high-volume log ingestion pipelines.
• Hands-on experience with cloud-native data services (AWS preferred: S3, Glue, Athena, MSK/Kafka, etc.).
• Strong understanding of streaming architectures (Kafka, Kinesis, Pub/Sub, or equivalent).
• Experience handling high-volume security telemetry (endpoint, identity, network, SaaS, and cloud logs).
• Expertise in data normalization, schema design, and event modeling for security use cases.
• Strong programming skills in Python and SQL (or similar languages).
• Experience working with SIEM, SOAR, and analytics platforms.
• Experience with incident response, threat detection, and security investigations.
• Experience in AWS + EKS environments required; exposure to GCP or OCI is a plus.
• Experience leveraging AI/ML tooling for detection, automation, or analytics is a plus.
• Experience with building Detections As Code.
• Professional or hobbyist blockchain exposure is preferred.

You are the right person if you:

• View security as a data and engineering problem first.
• Are comfortable operating across both hands-on incident response and long-term architecture design.
• Can identify gaps in telemetry and design scalable solutions to close them.
• Use real-world incidents to drive systemic improvements in detection and data quality.
• Think in terms of systems, pipelines, and long-term strategy, not just alerts.
• Are self-reliant, curious, and proactive in solving complex problems.
• Communicate clearly and collaborate effectively across teams.

Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages.
Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations.
Base Pay Range: $225,000 - $290,000
We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status, or any other protected status required by the laws in the locations where we hire. Additionally, Circle participates in the E-Verify Program in certain locations, as required by law.
Should you require accommodations or assistance in our interview process because of a disability, please reach out to [email protected] for support. We respect your privacy and will connect with you separately from our interview process to accommodate your needs.
#LI-Remote