Staff Product Security Engineer

Affirm recognizes that security is essential to the company’s ongoing success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products. The Security Operations and Resilience Engineering (Sec Ops) program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse security event. 

As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space. 

We're seeking a Staff Security Engineer to lead the Incident Response function within the broader Security Ops org, by driving remediation and response efforts company-wide in a very engineering-driven cloud infrastructure environment. In this role, you will act as Incident Commander during security incidents, leading the team to incident resolution in high-pressure situations by making decisions in engagements with high amounts of ambiguity.

Beyond the technical skills needed to effectively lead Incident Response, we are looking for someone who is very comfortable communicating and engaging with stakeholders across various levels and functions as well as proactively rallying people together when needed. As this is a lead role, you will be expected to take initiative and lead independently while communicating necessary information to stakeholders. In addition to Incident Response, you'll also contribute to maturing other programs within the Sec Ops org, such as Security Observability and Cyber Defense Engineering.

Overall, this is an extremely cross-functional and collaborative role that will span multiple functions across the company. You will get to partner with internal Security teams (such as Platform Security, Security Risk Management) as well as other external teams (such as Infrastructure, Observability, Privacy/Compliance) to create and improve security operations capabilities. As such, the cross functional work with these teams will often tackle complex security problems and design solutions that align with our broader organizational goals. Your impact will not only be within the company but also in improving the trust and security of millions of customers, merchants and partners.

What You'll Do

• Own and drive the roadmap for the Security Incident Response Program under the Security Operations & Resilience Engineering organization.  
• Lead security incident response efforts driving detection & response across the organization through all phases of an incident from identification to post-incident retrospective. 
• Serve as incident commander in large scale security incidents driving action oriented containment & remediation results. 
• Be the senior escalation point for the team assisting with investigations and incidents (this is a very hands on role). 
• Balance both tactical & strategic thinking in high pressure situations using facts & clear communications to lead the response team to next steps. 
• Provide briefings, status updates, and advice to a variety of audiences, including technical and executive leadership teams during incidents. 
• Lead the development of security incident response playbooks and processes.
• Contribute to engineering projects which build, maintain and improve our current monitoring, detection & response programs. 

• Contribute to our detection program by creating advanced detections based on frameworks such as MITRE ATT&CK. 
• Collaborate with cross functional teams across Affirm and lead key security projects. 
• Provide mentorship and training to junior security team members, fostering their professional growth and development.
• We highly encourage and support external engagement, publications, presentations with the security community as well. 

What We Look For

• A seasoned Detection and Response Engineer with experience leading investigations and incidents including containment actions and forensics when needed in an engineering focused cloud heavy environment (AWS, EKS experience strongly preferred). 
• 7+ years of experience with Detection and Response engineering with a significant focus on leading security incidents and crises. 
• Ability to handle high pressure, complex and often ambiguous situations in a calm and thoughtful manner, and when needed be the voice of reason and calm across the incident group. 
• Strong communication skills with the ability to switch communication styles when needed to engage with various levels of stakeholders. 
• Ability to proactively take the initiative and rally stakeholders for both tactical and strategic progress pertaining to the Incident Response function. 
• Strong ability to analyze, parse and correlate information against data from multiple sources and when needed engineer solutions to do the same. 
• Demonstrated experience in common Sec Ops tooling pertaining to SIEM, EDR, and MDR providers. For example: Splunk, Elastic, Sentinel One, CrowdStrike, Red Canary, Expel, etc. or similar. 
• Experience in programming to create automations to improve IR program workflows and capabilities (Python & Terraform IAC experience preferred). 
• Experience with supporting native data ingestion and data normalization integrations. 
• Ability to partner with Legal & Compliance teams for relevant incident reporting requirements across regulatory bodies. 
• Ability to lead large projects and work with cross functional stakeholders throughout the organization. 
• Experience in building actionable threat intelligence & hunting programs is always a bonus!

If you got to this point, we hope you're feeling excited about the job description! Even if you don't feel that you meet every single requirement, we still encourage you to apply. We're eager to meet people that believe in Affirm's mission and can contribute to our team in a variety of ways – not just candidates who check all the boxes.

At Affirm, "People Come First" is a core value and that’s why diversity and inclusion are vital to our priorities as an equal opportunity employer. Learn more about our D&I efforts here. 

Base Pay Grade - P

Equity Grade - 13

Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills.

Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents.)

USA base pay range (CA, WA, NY, NJ, CT) per year: $225,000 - $275,000

USA base pay range (all other U.S. states) per year: $200,000 - $250,000

Location: Remote - US

#LI-Remote