Intern, Application Security

About Circle

Circle (NYSE: CRCL) is one of the world’s leading internet financial platform companies, building the foundation of a more open, global economy through digital assets, payment applications, and programmable blockchain infrastructure. Circle’s platform includes the world’s largest regulated stablecoin network anchored by USDC, Circle Payments Network for global money movement, and Arc, an enterprise-grade blockchain designed to become the Economic OS for the internet. Enterprises, financial institutions, and developers use Circle to power trusted, internet-scale financial innovation. Learn more at circle.com.

What You’ll Be Part Of

Circle is committed to visibility and stability in everything we do. As we grow as an organization, we're expanding into some of the world's strongest jurisdictions. Speed and efficiency are motivators for our success and our employees live by our company values: High Integrity, Future Forward, Multistakeholder, Mindful, and Driven by Excellence. We have built a flexible work environment where new ideas are encouraged and everyone is a stakeholder.

About The Program

The Circle Internship Program is a 12-week, remote-first experience running from May 26 to August 14, 2026, designed to give interns hands-on experience building the future of global finance. Interns work on meaningful, real-world projects that support Circle’s mission to enable the frictionless exchange of value.

The program includes three in-person experiences designed to deepen learning and connection:

• Circle Forward Week in Miami
• Development Week at Circle’s New York City HQ in One World Trade Center
• Final Showcase Week in the San Francisco Bay Area

Throughout the summer, interns are supported by managers, mentors, and a close-knit cohort, with opportunities for learning, growth, and exposure to leaders across the company.

What you’ll be responsible for

As an Intern, Application Security, you will contribute to the Product Security team by building scalable automation that strengthens Circle’s secure development lifecycle. You will focus on developing systems that accelerate the triage and remediation of CodeQL alerts, including AI-assisted workflows that improve signal quality and reduce time-to-resolution for vulnerabilities. Working closely with security and engineering partners, you will help embed automated security controls into CI/CD pipelines and improve the accuracy, efficiency, and scalability of application security processes.

What you’ll work on

• Build automation to streamline the triage and remediation of CodeQL security alerts
• Design workflows that leverage AI agents to classify and prioritize security findings
• Tune CodeQL rules to improve static analysis quality and reduce false positives
• Integrate CodeQL-based security checks and automations into CI/CD pipelines
• Collaborate with security and engineering teams to embed scalable security controls into development workflows

What you’ll bring to Circle

Core Requirements

• Foundational understanding of application security principles
• Experience with at least one programming language such as Python, JavaScript, or Java
• Familiarity with secure software development practices and DevSecOps concepts
• Coursework or project experience in threat modeling or risk analysis

Preferred Requirements

• Exposure to security scanning tools such as SAST, SCA, or CI/CD-integrated security tooling
• Experience with security platforms such as GitHub Advanced Security, Snyk, Wiz, or similar tools

Key skills/competency

• Application Security
• Secure Development Lifecycle (SDLC)
• CodeQL
• Automation
• AI-assisted Workflows
• CI/CD Pipelines
• Static Analysis (SAST)
• DevSecOps
• Programming (Python, Java, JavaScript)
• Threat Modeling