Staff Security Engineer (Corporate Security)

Affirm values information security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products. The Enterprise Security program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse event. 

As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space. 

We are looking for a Staff Security Engineer in the Enterprise Security team, primarily supporting the Corporate Security program including vulnerability management, data loss prevention, SaaS security, and corporate infrastructure security. In this role, you will collaborate with internal Security teams (such as Security Operations, Platform Security and IAM) and other external teams (such as product engineering teams, IT, legal and compliance) to create and improve enterprise security capabilities. You will partner with the right teams to solve complex security problems and help design solutions that are aligned with broader organizational goals. 

What You'll Do

• Design, implement and maintain security measures for corporate systems
• Design, build and integrate security tooling to manage our corporate systems
• Perform security design review, code review, threat modeling and architecture reviews
• Manage the Corporate Vulnerability Management program 
• Develop and enforce security policies, standards and best practices
• Configure and implement cloud security services, including identity and access management, detective controls, infrastructure protection, and data protection
• Contribute to developing and maturing corporate security playbooks and processes
• Collaborate with cross functional teams across Affirm and lead key Security projects
• Participant in security on call and serve as the senior escalation point for the team when needed for help with investigations and incidents

What We Look For

• A seasoned Enterprise Security engineer with a strong ability to design, build, evaluate and maintain systems.
• Experience leading investigations and incidents including containment actions and remediation when needed in a cloud heavy environment (AWS preferred). 
• Demonstrated experience in common Enterprise Security tooling including but not limited to: SIEM (Elastic/Splunk), EDR (CrowdStrike/SentinelOne), ZTNA (Netskope/Zscaler), SSPM (AppOmni or similar) and IDP (Okta/Onelogin).
• Demonstrated experience and deep subject matter expertise in Corporate systems including but not limited to:  Snowflake, Salesforce, Github, Google Workspace, AWS Slack, Notion, Jira, Zendesk, Microsoft 365, and Workday
• Experience with designing and deploying endpoint management and visibility solutions such as Jamf, Intune, and OSQuery.
• Experience leading an enterprise vulnerability management program using tools such as Rapid7, Crowdstrike Spotlight, Qualys or similar.
• Experience with developing native data ingestion and data normalization integrations. 
• Familiarity with container orchestration technologies (Kubernetes).
• Experience developing and deploying cloud services using Infrastructure as code with Terraform or similar. 
• Experience with Python or similar language to build security tooling.
• Experience building systems with AWS or similar cloud environments.
• Ability to lead and drive cross functional projects with stakeholders throughout the organization. 
• Strong communication skills with the ability to switch communication style when needed between technical and non-technical audiences. 
• This position requires either equivalent practical experience or a Bachelor’s degree in a related field.

Base Pay Grade - O

Equity Grade - 7

Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills.

Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents.)

USA base pay range (CA, WA, NY, NJ, CT) per year: $205,000 - 255,000

USA base pay range (all other U.S. states) per year: $182,000 - $232,000

Location: Remote - US

#LI-Remote