As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space.
We are looking for a Staff Security Engineer in the Enterprise Security team, primarily supporting the Security Operations program including Logging, Detection, Response and Automation. In this role, you will collaborate with internal Security teams (such as Platform Security, Corporate Security) and other external teams (such as Infrastructure, Observability, Privacy/Compliance) to create and improve enterprise security capabilities. You will partner with the right teams to solve complex security problems and help design solutions that are aligned with broader organizational goals.
What You'll Do
- Drive monitoring, detection and response including remediation for security incidents and investigations throughout our environment.
- Build and enhance our current logging pipeline to help ingest the right data sources needed to improve our visibility.
- Integrate security tooling into existing infrastructure. Develop security software configurations and improve tool functionality over time.
- Build automation between tools when needed to help improve logging, detection and response workflows.
- Contribute to our detection program by helping write detections based on frameworks such as MITRE ATT&CK.
- Configure and implement cloud security services, including identity and access management, detective controls, infrastructure protection, and data protection.
- Contribute to developing and maturing security incident response playbooks and processes.
- Collaborate with cross functional teams across Affirm and lead key Security projects.
- Be the senior escalation point for the team when needed for help with investigations and incidents.
What We Look For
- A seasoned Enterprise Security engineer with a strong ability to analyze, parse and correlate information against data from multiple sources and when needed engineer solutions to do the same.
- Experience leading investigations and incidents including containment actions and remediation when needed in a cloud heavy environment (AWS preferred).
- Demonstrated experience in common Enterprise Security tooling including but not limited to: Elastic/Splunk, CrowdStrike Falcon, Auditbeat or similar.
- Experience with developing native data ingestion and data normalization integrations.
- Familiarity with container orchestration with container orchestration technologies (Kubernetes).
- Experience developing and deploying cloud services using Infrastructure as code with Terraform or similar.
- Experience in developing API integrations and automations to improve Enterprise Security workflows and capabilities (Python or similar language).
- Ability to lead and drive cross functional projects with stakeholders throughout the organization.
- Strong communication skills with the ability to switch communication style when needed between technical and non-technical audiences.
- Experience in applying IAM controls across a variety of users, applications and services is a bonus!
Compensation & Benefits
We offer a competitive package, with some highlights listed below. However, the given figures are not guaranteed compensation ranges; rather, they are unbinding, approximate indications of what the salary may be for your awareness. The actual salary may be less than the lower range or greater than the upper range, depending on skills and experience. No employee is guaranteed salary at the amount of the lower range.
- Targeted Gross Monthly Salary: 25,792 - 32,233 PLN
- Type of employment: Contract of Employment
- Flexible Spending Wallets for tech, food and lifestyle
- Generous time off policies
- Away Days - wellness days to take off work and recharge
- Learning & Development programs
- Parental leave
- Robust health benefits
- Employee Resource & Community Groups
- This role is eligible for creative tax benefits, subject to applicable law and company policy
Location - Remote Poland
The majority of our roles can be located anywhere in Poland.
**This job description is not a contractual document, and is not intended to have binding force.**
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided