Security Risk Management Specialist I
Remote Canada
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.
We are seeking a Security Risk Management Specialist I to join our Security Risk Management team at Affirm. The Security Risk Management team builds and deploys common governance, risk, and compliance processes and controls, conducts audits, and ensures that technologies and business processes are built with data protection and compliance in mind! Affirm values security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products.
What You'll Do
- Support our third party risk program by reviewing vendor questionnaires and identifying and documenting security risks.
- Assist in tracking and resolving gaps pertaining to supply chain security.
- Ensure the data quality and completeness of an extensive inventory of third parties.
- Provide security assurance to client-facing teams by managing Affirm’s trust portal and fulfilling merchant and partner requests for information.
- Help maintain and publish security policies and documentation to promote awareness amongst stakeholders and employees.
- Contribute to, and help curate, metrics and reports on risk indicators, issues, and the efficiency of our operations.
What We Look For
- Excellent verbal and written communication skills tailored to a remote-first work setting.
- Proven strength and interest in accurate record-keeping and task management across several systems.
- Curiosity and drive to identify problems and anomalies and find solutions.
- Adept day-to-day time management of different workstreams and ability to respond to shifting priorities.
- Passion for working with diverse teams and taking into account each perspective, e.g. as an auditor, engineer, business person, and more.
- Not required, but 1-2 years of experience in risk management, information security, or similar preferred.
- A keen interest in the exciting field of cybersecurity—maybe you’re already familiar with the NIST Cyber Security Framework, ISO 2700x, SOC1 & 2 (SSAE18), PCI DSS, NIST-800-53, FFIEC Cybersecurity Assessment Tool, SANS Top 20, etc.
Base Paay Grade - H
Equity Grade - Canada 2
Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience …
This job isn't fresh anymore!
Search Fresh JobsJob Profile
Limited number of roles remain office-based
Benefits/Perks100% subsidized medical 100% subsidized medical coverage Competitive benefits Competitive vacation Competitive vacation and holiday schedules Dental and vision coverage Employee stock purchase plan Equity Equity rewards ESPP Flexible Spending Flexible Spending Wallets Health care coverage Inclusive interview experience Inclusive interview experience for all Monthly stipends Monthly stipends for health Remote-first company Subsidized medical coverage Tech spending Time off Transparent pay structure Wellness Wellness and tech spending
SkillsAudit Audits Communication Compliance Cybersecurity Data Protection Information security Metrics NIST 800-53 NIST Cybersecurity Framework Operations PCI PCI DSS Record keeping REST Risk Management SANS SOC 1 SOC 2 Task Management Time Management Vendor Management
Experience1-2 years
TimezonesAmerica/Edmonton America/Moncton America/Regina America/St_Johns America/Toronto America/Vancouver UTC-3 UTC-4 UTC-5 UTC-6 UTC-7 UTC-8