Remote Staff Product Security Engineer (Detection and Response)

Summary

Join a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills at Affirm. As a Staff Security Operations (Sec Ops) Engineer, you will help build and mature the Security Operations Engineering program including Logging, Detection, and Response.

Requirements

• A seasoned Security Operations Engineer with at least 5+ years of experience in Detection and Response with a significant engineering focus in a cloud heavy environment (AWS or similar)
• Experience with developing native data ingestion and data normalization integrations to aid the Sec Ops monitoring & Detection program
• Hands-on experience handling investigative, containment and remediation actions across environments and the ability to partner with Infrastructure, SRE teams during incidents
• Demonstrated experience in common Sec Ops tooling including but not limited to: Elastic, Splunk, Hive, Crowdstrike Falcon or similar
• Hands-on experience with container orchestration technologies (Kubernetes or similar)
• Experience in creating automations to improve IR program workflows and capabilities (Python preferred)
• Familiarity with Infrastructure-as-code (IaC) including experience developing and deploying cloud services using Terraform
• Strong communication skills with the ability to switch communication styles when needed between engineering and non-engineering audiences
• Ability to lead and drive large projects and work with cross functional stakeholders throughout the Engineering organization
• Experience in building actionable threat intelligence & hunting programs is always a bonus!

Responsibilities

• Serve as a hands-on technical leader to mature our Logging & Detection Engineering program
• Build and enhance our logging pipeline to ingest the right data sources that improve our visibility
• Contribute to our detection program by writing advanced detections based on frameworks such as MITRE ATT&CK
• Continuously tune detections to improve our detection fidelity and calibrate signals to maximize value while minimizing noise
• Contribute to engineering projects by building, maintaining and improving our tooling
• Drive monitoring, detection and response and remediation for security incidents
• Be a senior escalation point for the team when needed in investigations and incidents particularly from an engineering escalation perspective
• Build automation and integrations between tools when needed to help improve logging, detection and response workflows
• Contribute to developing and maturing security incident response playbooks and processes
• Collaborate with cross functional teams across Affirm and lead key Security projects

Benefits

• 100% subsidized medical coverage, dental and vision for you and your dependents
• Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
• Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
• ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount