Staff Security Operations Engineer (Observability & Automation)
Affirm - Palo Alto, California, United States, 94306
Overview
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without hidden fees or interest.

Security is vital to Affirm's success. Our mission is to foster a security culture that supports building trustworthy financial products. The Security Operations and Resilience Engineering (Sec Ops) program underpins our preventive and responsive security practices to safeguard assets. As part of the Security Team, you'll join passionate, skilled individuals who enjoy tackling security challenges and learning new skills. We prioritize a team-first approach and aim to redefine security in fintech.

We're seeking a Staff Security Engineer to develop and mature our Security Observability Engineering program, focusing on Automation to enhance Detection and Response workflows. This hands-on role requires experience in securing cloud environments and building automations across platforms. You will participate in on-call duties and serve as an engineering escalation point. This collaborative position involves partnering with internal Security teams like Platform Security and external teams (Infrastructure, Observability, Privacy/Legal) to enhance security operations. Your work will impact millions of customers, merchants, and partners by improving trust and security.

Responsibilities
- Lead the maturation of our Security Observability & Detection Engineering program.
- Develop automation and integrations to improve detection and response workflows.
- Enhance logging pipelines for critical data sources to improve IR observability.
- Contribute to detection development using frameworks like MITRE ATT&CK.
- Tune detections to maximize accuracy and reduce noise.
- Support incident response by participating in on-call duties and leading remediation efforts.
- Develop and refine security incident response playbooks and processes.
- Lead security projects across teams and promote external engagement in the security community.

Qualifications
- 5+ years in Detection and Response, with a focus on engineering in cloud environments (AWS, EKS preferred).
- Proficiency in programming for automation (Python & Terraform preferred).
- Experience with data ingestion and normalization for observability.
- Hands-on experience with investigative, containment, and remediation actions.
- Familiarity with SIEM, EDR, MDR tools like Splunk, Elastic, SentinelOne, CrowdStrike, etc.
- Experience with container orchestration (Kubernetes or similar).
- Knowledge of Infrastructure-as-code, especially Terraform.
- Strong communication skills adaptable to technical and non-technical audiences.
- Ability to lead projects and coordinate with cross-functional teams.

Pay Grade: P
Equity Grade: 13

Compensation includes base pay, equity, stipends, and benefits such as health coverage, wellness stipends, and stock purchase plans. The US pay range varies by location, from $200,000 to $275,000 annually. This is a remote position within the US, with some roles requiring occasional office presence. Affirm offers inclusive hiring practices and accommodations for candidates with disabilities. By applying, you consent to our privacy policy.

Additional Details
- Seniority Level: Mid-Senior level
- Employment Type: Full-time
- Job Function: Information Technology