Staff Product Security Engineer - Incident Response Lead

October 30

Apply Now

Receive Emails with Similar Jobs

Affirm

WebsiteLinkedInAll Job Openings

eCommerce • Payments • Installment Loans • Millennials • Financial Services

1001 - 5000

💰 Post-IPO Equity on 2021-01

Description

• Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest • Affirm recognizes that security is essential to the company’s ongoing success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products • The Security Operations (Sec Ops) program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse security event • As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills • We're seeking a Staff Sec Ops Engineer to lead the Incident Response pillar, driving remediation and response efforts company-wide • In this role, you will act as incident Commander during security incidents, leading the team to resolution in high-pressure situations including making decisions in ambiguous situations • You'll also contribute to maturing other programs within the Sec Ops team, such as logging & detection, in our engineering-driven cloud infrastructure environment • This is an extremely cross-functional and collaborative role that will span multiple functions across the company. You will get to partner with internal Security teams as well as other external teams to create and improve security operations capabilities • Your impact will not only be within the company but also in improving the trust and security of millions of customers

Requirements

• A seasoned Detection and Response Engineer with experience leading investigations and incidents including containment actions and forensics when needed in an engineering focused cloud heavy environment (AWS, EKS experience strongly preferred) • 7+ years of experience with Detection and Response engineering with a significant focus on leading incidents and crises • Ability to handle high pressure, complex situations in a calm and thoughtful manner, and when needed be the voice of reason and calm across the incident group • Strong ability to analyze, parse and correlate information against data from multiple sources and when needed engineer solutions to do the same • Strong communication skills with the ability to switch communication styles when needed between technical and non-technical audiences • Demonstrated experience in common Sec Ops tooling including but not limited to: Elastic, Splunk, Hive, Crowdstrike Falcon or similar • Experience in creating automations to improve IR program workflows and capabilities (Python preferred) • Experience with developing & supporting native data ingestion and data normalization integrations • Ability to lead large projects and work with cross functional stakeholders throughout the organization • Ability to partner with Legal & Compliance teams for relevant incident reporting requirements across regulatory bodies • Experience in building actionable threat intelligence & hunting programs is always a bonus! • This position requires either equivalent practical experience or a Bachelor’s degree in a related field

Benefits

• Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents • Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses • Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge • ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount