Check out opportunities at TheVentureCity and our family of startups

Senior Staff Product Security Engineer (Consumer Identity & Access Management)



United States · Remote
Posted on Wednesday, July 10, 2024

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural in Affirm, enabling the company to succeed in building honest financial products. The Security team posture increases security and reduces risk while securely enabling access to information for those who need it!

As the Senior Staff Security Engineer for the Consumer Identity & Access Management Program, you will be responsible for leading the design and implementation of robust, secure, and scalable identity management solutions across multiple product lines at Affirm. You will play a key role in ensuring that our applications and services are protected by implementing best practices in authentication, authorization, and user management. Your expertise will help shape our security posture, influence Affirm’s identity strategy, and guide development teams in building a modern CIAM platform.

What you’ll do

  • Own and drive the Consumer Identity & Access Management (CIAM) roadmap for all external identities which includes, consumers, merchant, partners.

  • Performing threat modeling and security architecture reviews for identity product features.

  • Provide technical leadership and mentorship to team members on identity standards and security best practices

  • Participating in the strategic development of methods, techniques, and evaluation criteria for identity related projects and programs

  • Partner with Affirm product teams to design authentication and authorization solutions across multiple product lines.

  • Collaborate with engineering teams across the organization to build, support, and enhance authentication and authorization platforms, driving engineering excellence and operational efficiency.

  • Partner with product teams in the development of security focused test cases to enforce security requirements.

  • Perform code reviews and provide constructive feedback to peers.

What we look for

  • 10+ years of experience architecting CIAM solutions authentication or authorisation protocols (OAuth, OAuth2, OIDC, SAML, LDAP)

  • Experience designing and building distributed systems and applications, real-time, scalable web services, REST APIs, developer portals.

  • Track record of successfully launching CIAM Programs with complex use cases across multiple identity types.

  • Experience integrating Identity COTS Products, such as Auth0, AWS Cognitos, Okta, etc. into existing web and mobile applications.

  • Experience with security architecture and design of mobile apps (IOS & Google)

  • Hands-on development experience with Python, Swift, and Kotlin.

Base Pay Grade - R

Equity Grade - 15

Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills.

Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents.)

USA base pay range (CA, WA, NY, NJ, CT) per year: $260,000 - $310,000

USA base pay range (all other U.S. states) per year: $232,000 - $282,000

Location: Remote - US


Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities.

We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include:

  • Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
  • Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
  • Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
  • ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount

We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.

[For U.S. positions that could be performed in Los Angeles or San Francisco] Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records.

By clicking "Submit Application," you acknowledge that you have read the Affirm Employment Privacy Policy for applicants within the United States, the EU Employee Notice Regarding Use of Personal Data (Poland) for applicants applying from Poland, the EU Employee Notice Regarding Use of Personal Data (Spain) for applicants applying from Spain, or the Affirm U.K. Limited Employee Notice Regarding Use of Personal Data for applicants applying from the United Kingdom, and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.