Staff Security Operations Engineer, Observability & Automation Engineering

Join to apply for the Staff Security Engineer (Detection & Response) role at Affirm

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

Security is vital to Affirm's success. Our mission is to foster a security-first culture, enabling the development of honest financial products. Our Security Operations (Sec Ops) program underpins our preventive and responsive security practices to safeguard assets.

As part of the Security Team, you'll join passionate, skilled individuals who enjoy solving security challenges and learning new skills. We emphasize teamwork and aim to redefine security in fintech.

We're seeking a Staff Security Operations (Sec Ops) Engineer to develop and mature our Logging, Detection, and Response programs. This hands-on role requires cloud engineering experience and involves participating in on-call duties. You will collaborate with internal teams (Platform Security, Corporate Security) and external teams (Infrastructure, Observability, Privacy/Compliance) to enhance security operations.

1. Lead and mature our Logging & Detection Engineering program.
2. Enhance our logging pipeline for better visibility.
3. Develop advanced detections using frameworks like MITRE ATT&CK.
4. Fine-tune detections to improve accuracy and reduce noise.
5. Contribute to tooling projects for security operations.
6. Manage security incident detection, response, and remediation.
7. Serve as the escalation point for investigations and incidents.
8. Automate workflows between security tools.
9. Develop and improve incident response playbooks and processes.
10. Lead security projects across teams.

• At least 5+ years in Detection and Response, with a focus on cloud environments (AWS or similar).
• Experience with data ingestion and normalization for Sec Ops monitoring.
• Hands-on incident handling and collaboration with infrastructure and SRE teams.
• Proficiency with tools like Elastic, Splunk, Hive, Crowdstrike Falcon.
• Experience with Kubernetes or similar container orchestration.
• Automation skills, preferably with Python.
• Familiarity with Infrastructure-as-Code, especially Terraform.
• Strong communication skills for technical and non-technical audiences.
• Ability to lead projects and collaborate across teams.
• Experience in threat intelligence and hunting is a plus.

Base Pay Grade: P; Equity Grade: 13. Salary ranges vary by location, with comprehensive benefits including health coverage, stipends, time off, and stock purchase plans.

Remote-first within the US, with flexibility to work from home or occasionally from an office. Affirm supports inclusive hiring and provides accommodations as needed.

Senior level: Mid-Senior; Employment: Full-time; Function: IT.