Staff Security Operations Engineer, Observability & Automation Engineering

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or interest.

Security is vital to Affirm's success. Our mission is to foster a security-first culture, supporting the development of honest financial products. The Security Operations (Sec Ops) program underpins our preventive and reactive security practices to safeguard assets.

As part of the Security Team, you'll work with passionate, skilled colleagues to tackle security challenges and learn new skills. We emphasize teamwork and aim to redefine security in fintech.

We're looking for a Staff Security Operations Engineer to develop and mature our Logging, Detection, and Response programs. This hands-on role requires cloud engineering experience, participation in on-call duties, and serving as an escalation point for engineering issues.

You will collaborate with internal teams such as Platform Security, Corporate Security, and external teams like Infrastructure and Observability to enhance security operations, solve complex problems, and align solutions with organizational goals.

• Lead and mature our Logging & Detection Engineering program.
• Enhance our logging pipeline to improve data ingestion and visibility.
• Develop advanced detections using frameworks like MITRE ATT&CK.
• Optimize detection fidelity and reduce noise through tuning.
• Contribute to building and maintaining security tooling.
• Manage security incident detection, response, and remediation.
• Serve as the senior escalation point for investigations and incidents.
• Automate workflows between tools to improve efficiency.
• Develop and refine incident response playbooks and processes.
• Lead security projects across teams.

• At least 5+ years in Detection and Response with a focus on engineering in a cloud environment (AWS or similar).
• Experience with data ingestion, normalization, and monitoring tools.
• Hands-on incident handling, containment, and remediation skills.
• Proficiency with tools like Elastic, Splunk, Hive, Crowdstrike Falcon.
• Experience with container orchestration (Kubernetes or similar).
• Automation skills, preferably with Python.
• Knowledge of Infrastructure-as-Code, especially Terraform.
• Strong communication skills for technical and non-technical audiences.
• Ability to lead projects and collaborate across teams.
• Experience in threat intelligence and hunting is a plus.

Base Pay Grade: P | Equity Grade: 13

Location: Remote - US. Affirm is a remote-first company, with some roles requiring occasional office visits.

• Comprehensive health coverage for employees and dependents.
• Flexible stipends for technology, food, lifestyle, and family needs.
• Generous vacation and holiday policies.
• Employee Stock Purchase Plan (ESPP).

We are committed to inclusive hiring and accommodations for candidates with disabilities. Affirm considers qualified applicants with arrest and conviction records.

By applying, you agree to Affirm's Privacy Notice and consent to data processing.

• Seniority Level: Mid-Senior Level
• Employment Type: Full-time
• Job Function: Information Technology