• Own the security and compliance functions related to our digital sovereign commercial product offerings and environments. • Lead technical discussions across multi-functional engineering teams, product and sales teams, as well as with third party auditors. • Support the continuous improvement of Red Hat Product Security through designing, developing, and implementing automation at scale to enable the maturation of processes. • Mentor and aid the growth of junior team members. • Support the downstream integration of open-sourced projects; collaborate to develop and implement Red Hat specific capabilities from the upstream. • Serve as an evangelist of security and compliance both inside Red Hat and externally, with partners, customers, or within the open-source community.

Circle (NYSE: CRCL) is one of the world’s leading internet financial platform companies, building the foundation of a more open, global economy through digital assets, payment applications, and programmable blockchain infrastructure. Circle’s platform includes the world’s largest regulated stablecoin network anchored by USDC, Circle Payments Network for global money movement, and Arc, an enterprise-grade blockchain designed to become the Economic OS for the internet. Enterprises, financial institutions, and developers use Circle to power trusted, internet-scale financial innovation. Learn more at circle.com. What you’ll be part of: Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values: High Integrity, Future Forward, Multistakeholder, Mindful, and Driven by Excellence. We have built a flexible work environment where new ideas are encouraged and everyone is a stakeholder. What you’ll be responsible for: The Circle Security Team works to protect Circle; our customers, clients, and partners; and the financial markets upon which we rely. As a member of this team, you will serve as the technical owner of Circle’s security data platform, responsible for ensuring that security telemetry across internal and external systems is correctly architected, ingested, normalized, and leveraged to drive detection and response outcomes. You will lead critical initiatives across both security operations, collaborating across engineering and business teams to scale our capabilities as the company grows. Also note that this position will require you to perform on-call duties mainly during working hours to support security operations, and you will assist the team with the occasional night time and weekend incident. What you'll work on: - Own the architecture, design, and evolution of Circle’s security data platform, ensuring scalable ingestion, normalization, enrichment, and delivery of telemetry across a growing and complex set of internal and external data sources. - Design and implement ETL/ELT pipelines for high-volume security data to support reliable detection, investigation, and response workflows. - Build and maintain streaming and batch data pipelines to enable real-time detection and retrospective security analysis. - Define and enforce data standards, schemas, and normalization frameworks to ensure consistent and high-quality telemetry across systems. - Evaluate and optimize log ingestion, parsing, and preprocessing pipelines to improve performance and downstream usability in SIEM and analytics platforms. - Act as a senior member of the Detection & Response function, participating in incident response, investigation, and resolution of security events. - Develop and enhance detections, playbooks, and response workflows, leveraging high-quality telemetry and automation. - Identify gaps in visibility during incidents and drive systemic improvements in logging, data ingestion, and detection coverage. - Provide strategic direction and roadmap for the evolution of security data architecture and detection capabilities as the business scales. - Take on-call shifts (every 3rd week and occasional weekend). What you’ll bring to Circle: - Strong ability to work collaboratively across teams during high-stress situations, which sometimes involves after hours work. - Ability to manage multiple competing priorities and use good judgment to establish order of priorities on the fly. - Self-motivated and creative problem-solver able to work independently with minimal guidance. - Strong communication skills, with the ability to translate complex technical concepts into clear recommendations. We’re looking for strong, impactful work experience, which typically includes: - 8 - 10+ years of experience in security engineering, detection & response, or data engineering. - Proven experience designing and operating large-scale data pipelines (ETL/ELT) in cloud environments. - Experience building or owning security data platforms or high-volume log ingestion pipelines. - Hands-on experience with cloud-native data services (AWS preferred: S3, Glue, Athena, MSK/Kafka, etc.). - Strong understanding of streaming architectures (Kafka, Kinesis, Pub/Sub, or equivalent). - Experience handling high-volume security telemetry (endpoint, identity, network, SaaS, and cloud logs). - Expertise in data normalization, schema design, and event modeling for security use cases. - Strong programming skills in Python and SQL (or similar languages). - Experience working with SIEM, SOAR, and analytics platforms. - Experience with incident response, threat detection, and security investigations. - Experience in AWS + EKS environments required; exposure to GCP or OCI is a plus. - Experience leveraging AI/ML tooling for detection, automation, or analytics is a plus. - Experience with building Detections As Code. - Professional or hobbyist blockchain exposure is preferred. You are the right person if you: - View security as a data and engineering problem first. - Are comfortable operating across both hands-on incident response and long-term architecture design. - Can identify gaps in telemetry and design scalable solutions to close them. - Use real-world incidents to drive systemic improvements in detection and data quality. - Think in terms of systems, pipelines, and long-term strategy, not just alerts. - Are self-reliant, curious, and proactive in solving complex problems. - Communicate clearly and collaborate effectively across teams. Circle is on a mission to create an inclusive financial future, with transparency at our core. We consider a wide variety of elements when crafting our compensation ranges and total compensation packages. Starting pay is determined by various factors, including but not limited to: relevant experience, skill set, qualifications, and other business and organizational needs. Please note that compensation ranges may differ for candidates in other locations. Base Pay Range: $225,000 - $290,000 We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status, or any other protected status required by the laws in the locations where we hire. Additionally, Circle participates in the E-Verify Program in certain locations, as required by law. Should you require accommodations or assistance in our interview process because of a disability, please reach out to accommodations@circle.com for support. We respect your privacy and will connect with you separately from our interview process to accommodate your needs. #LI-Remote

M9 Solutions is dedicated to providing IT services and solutions to the Federal Government by mobilizing the right people, skills, clearance levels, and technologies to help organizations who desire improved performance and modern, sustainable change. M9 has provided quality IT services and support to more than 30 Federal Agencies and multiple commercial customers nationwide. Our capabilities include digital transformation, software development, cloud migration, applications & infrastructure, cybersecurity, data delivery & analytics, and IT talent solutions. M9 Solutions is seeking an ISSO to work remotely in support of a government contract for a client located in San Antonio, TX. A Public Trust clearance is required. Responsibilities - Responsible for supporting the security posture of assigned information systems throughout the system lifecycle. - Works closely with the Authorizing Official (AO), System Owner (SO), Information System Security Manager (ISSM), and technical teams to ensure systems comply with applicable Federal Information Security Modernization Act (FISMA) requirements and NIST Risk Management Framework (RMF) controls. - Plays a role in maintaining system authorization, managing continuous monitoring activities, and ensuring risks are identified, documented, and remediated. - Aligns with federal cybersecurity responsibilities described in internal ISSO and CUI security guidance, including support for authorization, continuous monitoring, and protection of sensitive federal information. - Helps with documentation around monitoring, remediation, and risk assessments. Required Skills and Qualifications - Bachelor’s degree in Cybersecurity or a related field preferred. - At least 5 years of related experience. - Experience supporting the security posture of information systems throughout their lifecycle. - Knowledge of Federal Information Security Modernization Act (FISMA) requirements and NIST Risk Management Framework (RMF) controls. - Ability to collaborate with Authorizing Officials, System Owners, ISSMs, and technical teams to maintain system authorization, manage continuous monitoring, and remediate risks. Full-Time Employee Compensation - M9 Solutions’ pay range for this position is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include, but are not limited to, responsibilities of the position, education, experience, knowledge, skills, abilities, as well as internal equity, location, alignment with market data, applicable bargaining agreement (if any), or other law. - M9 Benefits - https://m9solutions.com/why-join-m9/#our-benefits Salary Range $60,000—$180,000 USD M9 Solutions, LLC (M9) is a Federal sub-contractor and we comply with all applicable federal laws prohibiting discrimination in employment, including Title VII of the Civil Rights Act of 1964. We also adhere to the affirmative action requirements of the Vietnam Era Veterans' Readjustment Assistance Act (VEVRAA) and Section 503 of the Rehabilitation Act, ensuring equal opportunity for veterans and individuals with disabilities. Please click here to complete M9's Voluntary Self-Identification Form and then email it to hr@m9solutions.com. If you need accommodation during the application process or encounter difficulties using our website, please contact our Human Resources Department at hr@m9solutions.com or 703-936-0880 M9 Solutions is a proud participant in the Virginia Values Veterans (V3) program and supports the Military Medics and Corpsmen (MMAC) initiative, demonstrating our commitment to hiring and supporting veterans, transitioning service members, military spouses, and dependents. With 15+ years of proven delivery and growth, M9 Solutions is a unique small business with credible past performance and key capabilities offering project management services, solution architects, business analysts, program managers, technical architects, and technical consultants. M9 was recognized as an Inc. 5000 Fastest-Growing Private Companies in 2021, 2020, 2019, 2018, 2017, 2016, and 2012. M9 Solutions believes that work should be fun, rewarding, and something everyone can be excited about. We offer a competitive compensation package and value diverse perspectives in driving the vision of the company.

• Assess security of applications, networks, and systems by simulating cyberattacks. • Manage disclosure programs and collaborate with internal teams to prioritize and resolve vulnerabilities, and conduct penetration tests. • Establish and maintain communication channels with the security research community to promote awareness of the responsible disclosure program and encourage participation. • Receive and triage vulnerability reports submitted by external researchers through various channels, such as email, web form, or bug bounty platform. • Collaborate with internal security teams to assess the severity and impact of reported vulnerabilities and prioritize them for resolution based on risk. • Facilitate communication and collaboration between researchers and relevant stakeholders, including development teams, IT operations, and product managers, to ensure timely resolution of identified security issues. • Track the progress of vulnerability remediation efforts and ensure that issues are addressed within agreed-upon timelines.