Staff Product Security Engineer

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

Affirm recognizes that security is essential to the company’s ongoing success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products. The Security Operations and Resilience Engineering (Sec Ops) program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse security event. 

As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space. 

We're seeking a Staff Security Engineer to lead the Incident Response function within the broader Security Ops org, by driving remediation and response efforts company-wide in a very engineering-driven cloud infrastructure environment. In this role, you will act as Incident Commander during security incidents, leading the team to incident resolution in high-pressure situations by making decisions in engagements with high amounts of ambiguity.

Beyond the technical skills needed to effectively lead Incident Response, we are looking for someone who is very comfortable communicating and engaging with stakeholders across various levels and functions as well as proactively rallying people together when needed. As this is a lead role, you will be expected to take initiative and lead independently while communicating necessary information to stakeholders. In addition to Incident Response, you'll also contribute to maturing other programs within the Sec Ops org, such as Security Observability and Cyber Defense Engineering.

Overall, this is an extremely cross-functional and collaborative role that will span multiple functions across the company. You will get to partner with internal Security teams (such as Platform Security, Security Risk Management) as well as other external teams (such as Infrastructure, Observability, Privacy/Compliance) to create and improve security operations capabilities. As such, the cross functional work with these teams will often tackle complex security problems and design solutions that align with our broader organizational goals. Your impact will not only be within the company but also in improving the trust and security of millions of customers, merchants and partners.

What You'll Do

• Own and drive the roadmap for the Security Incident Response Program under the Security Operations & Resilience Engineering organization.  
• Lead security incident response efforts driving detection & response across the organization through all phases of an incident from identification to post-incident retrospective. 
• Serve as incident commander in large scale security incidents driving action oriented containment & remediation results. 
• Be the senior escalation point for the team assisting with investigations and incidents (this is a very hands on role). 
• Balance both tactical & strategic thinking in high pressure situations using facts & clear communications to lead the response team to next steps. 
• Provide briefings, status updates, and advice to a variety of audiences, including technical and executive leadership teams during incidents. 
• Lead the development of security incident response playbooks and processes.
• Contribute to engineering projects which build, maintain and improve our current monitoring, detection & response programs. 

• Contribute to our detection program by creating advanced detections based on frameworks such as MITRE ATT&CK. 
• Collaborate with cross functional teams across Affirm and lead key security projects. 
• Provide mentorship and training to junior security team members, fostering their professional growth and development.
• We highly encourage and support external engagement, publications, presentations with the security community as well. 

What We Look For

• A seasoned Detection and Response Engineer with experience leading investigations and incidents including containment actions and forensics when needed in an engineering focused cloud heavy environment (AWS, EKS experience strongly preferred). 
• 7+ years of experience with Detection and Response engineering with a significant focus on leading security incidents and crises. 
• Ability to handle high pressure, complex and often ambiguous situations in a calm and thoughtful manner, and when needed be the voice of reason and calm across the incident group. 
• Strong communication skills with the ability to switch communication styles when needed to engage with various levels of stakeholders. 
• Ability to proactively take the initiative and rally stakeholders for both tactical and strategic progress pertaining to the Incident Response function. 
• Strong ability to analyze, parse and correlate information against data from multiple sources and when needed engineer solutions to do the same. 
• Demonstrated experience in common Sec Ops tooling pertaining to SIEM, EDR, and MDR providers. For example: Splunk, Elastic, Sentinel One, CrowdStrike, Red Canary, Expel, etc. or similar. 
• Experience in programming to create automations to improve IR program workflows and capabilities (Python & Terraform IAC experience preferred). 
• Experience with supporting native data ingestion and data normalization integrations. 
• Ability to partner with Legal & Compliance teams for relevant incident reporting requirements across regulatory bodies. 
• Ability to lead large projects and work with cross functional stakeholders throughout the organization. 
• Experience in building actionable threat intelligence & hunting programs is always a bonus!

If you got to this point, we hope you're feeling excited about the job description! Even if you don't feel that you meet every single requirement, we still encourage you to apply. We're eager to meet people that believe in Affirm's mission and can contribute to our team in a variety of ways – not just candidates who check all the boxes.

At Affirm, "People Come First" is a core value and that’s why diversity and inclusion are vital to our priorities as an equal opportunity employer. Learn more about our D&I efforts here. 

Base Pay Grade - P

Equity Grade - 13

Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills.

Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents.)

USA base pay range (CA, WA, NY, NJ, CT) per year: $225,000 - $275,000

USA base pay range (all other U.S. states) per year: $200,000 - $250,000

Location: Remote - US

#LI-Remote

Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities.

We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include: 

• Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents 
• Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
• Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
• ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount

We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.

[For U.S. positions that could be performed in Los Angeles or San Francisco] Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records.

By clicking "Submit Application," you acknowledge that you have read Affirm's Global Candidate Privacy Notice and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.