Staff Product Security Engineer

Summary

Join Affirm's Security Team as a Staff Security Engineer to lead the Incident Response function. You will act as Incident Commander during security incidents, driving remediation and response efforts company-wide. This role requires strong communication and collaboration skills to engage with stakeholders at all levels. You will also contribute to maturing other Sec Ops programs, such as Security Observability and Cyber Defense Engineering. This cross-functional role involves partnering with internal and external teams to improve security operations capabilities and impact millions of customers. The position offers a competitive salary and benefits package, including 100% subsidized medical coverage for you and your dependents.

Requirements

• A seasoned Detection and Response Engineer with experience leading investigations and incidents including containment actions and forensics when needed in an engineering focused cloud heavy environment (AWS, EKS experience strongly preferred)
• 7+ years of experience with Detection and Response engineering with a significant focus on leading security incidents and crises
• Ability to handle high pressure, complex and often ambiguous situations in a calm and thoughtful manner, and when needed be the voice of reason and calm across the incident group
• Strong communication skills with the ability to switch communication styles when needed to engage with various levels of stakeholders
• Ability to proactively take the initiative and rally stakeholders for both tactical and strategic progress pertaining to the Incident Response function
• Strong ability to analyze, parse and correlate information against data from multiple sources and when needed engineer solutions to do the same
• Demonstrated experience in common Sec Ops tooling pertaining to SIEM, EDR, and MDR providers. For example: Splunk, Elastic, Sentinel One, CrowdStrike, Red Canary, Expel, etc. or similar
• Experience in programming to create automations to improve IR program workflows and capabilities (Python & Terraform IAC experience preferred)
• Experience with supporting native data ingestion and data normalization integrations
• Ability to partner with Legal & Compliance teams for relevant incident reporting requirements across regulatory bodies
• Ability to lead large projects and work with cross functional stakeholders throughout the organization

Responsibilities

• Own and drive the roadmap for the Security Incident Response Program under the Security Operations & Resilience Engineering organization
• Lead security incident response efforts driving detection & response across the organization through all phases of an incident from identification to post-incident retrospective
• Serve as incident commander in large scale security incidents driving action oriented containment & remediation results
• Be the senior escalation point for the team assisting with investigations and incidents (this is a very hands on role)
• Balance both tactical & strategic thinking in high pressure situations using facts & clear communications to lead the response team to next steps
• Provide briefings, status updates, and advice to a variety of audiences, including technical and executive leadership teams during incidents
• Lead the development of security incident response playbooks and processes
• Contribute to engineering projects which build, maintain and improve our current monitoring, detection & response programs
• Contribute to our detection program by creating advanced detections based on frameworks such as MITRE ATT&CK
• Collaborate with cross functional teams across Affirm and lead key security projects
• Provide mentorship and training to junior security team members, fostering their professional growth and development
• We highly encourage and support external engagement, publications, presentations with the security community as well

Preferred Qualifications

Experience in building actionable threat intelligence & hunting programs is always a bonus!

Benefits

• Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
• Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
• Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
• ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount