Senior Staff Security Engineer
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.
Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural in Affirm, enabling the company to succeed in building honest financial products.
The Security team posture increases security and reduces risk while securely enabling access to information for those who need it! The ideal employee will have extensive experience developing tooling and infrastructure used for securing technical resources as part of a larger team. The candidate will quickly come up to speed with current systems and processes, identify and develop improvements, and implement solutions used by experienced software and infrastructure engineers across the organization.
We protect and secure Affirm’s production infrastructure while balancing risk to enable business growth.
We are looking for a Senior Staff Security Engineer in the Enterprise Security team, primarily supporting the Platform Security organization focusing on vulnerability management, cloud security, perimeter security, and hardening of critical environments. We work closely with corporate/workforce security, incident response, security operations, identity and access systems and partner with infrastructure engineering teams that build, operate and manage compute, storage, caching and security systems at scale. You will partner with the right teams to solve complex security problems and help design solutions that are aligned with broader organizational goals.
What You’ll Do
- Work across multiple engineering functions and organizations to advocate for security practices.
- Influence, align and implement security features across engineering teams.
- Demonstrate expertise across various domains to design and develop scalable solutions.
- Configure and implement cloud security services, including identity and access management, detective controls, infrastructure protection, and data protection.
- Specify, standardize, configure, and validate access controls across a wide range of cloud services. Integrate security tooling into existing infrastructure.
- Develop security software configurations and improve tool functionality over time. Implement security controls across Affirm’s data infrastructure, including S3, DynamoDB, RDS, and Snowflake.
- Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure.
What We Look For
- A proven track record of tackling difficult and ambiguous challenges and driving them to success.
- Capable of shifting focus in a complex, ever changing environment to balance between security risks and business agility.
- Strong in multiple domains including infrastructure operations (e.g. networking, systems, storage), Corporate IT, able to make technical trade-offs between short versus long term security business decisions.
- Hands-on experience deploying infrastructure within a Kubernetes environment.
- Experience developing and deploying cloud services using Terraform.
- Understanding of methods and systems used for auditing usage and access to AWS cloud services.
- Experience managing security tooling, including Wiz, Auditbeat, Crowdstrike Falcon EDR, AWS System Manager Agent, or similar.
- BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus.
Compensation & Benefits
We offer a competitive package, with some highlights listed below. However, the given figures are not guaranteed compensation ranges; rather, they are unbinding, approximate indications of what the salary may be for your awareness. The actual salary may be less than the lower range or greater than the upper range, depending on skills and experience. No employee is guaranteed salary at the amount of the lower range.
- Flexible Spending Wallets for tech, food and lifestyle
- Generous time off policies
- Away Days - wellness days to take off work and recharge
- Learning & Development programs
- Parental leave
- Robust health benefits
- Employee Resource & Community Groups
We are able to offer visa sponsorship for this role, but do require that someone is based in Spain for the role.
Location - Remote Spain
Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities.
We have a simple and transparent remote-first grade-based compensation structure. Offer amounts within the range are based on a number of factors including but not limited to job-related skills, experience, and relevant education or training. Across the broader organization, certain roles are eligible for equity awards upon hire, promotion, tenure milestones and for performance.
We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include:
- Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
- Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
- Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
- ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount
We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.