Security Engineer, Operations

New York, NY
Engineering
Full Time - Exempt
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

Affirm values information security as a critical part of the company’s continued success. Your unique mission as a security team member is to identify potential weaknesses and vulnerabilities in the foundational infrastructure, SDLC, and strategically reinforce them, enabling other teams to focus on building honest financial products.

What You'll Do

    • Implement an enterprise-grade security monitoring system to process infrastructure logs.
    • Create software tools to simplify and speed log investigation and management processes.
    • Build and monitor integrations between security solutions and ensure the completeness and accuracy of ingested data. 
    • Develop content, tune alerting and create correlation rules. 
    • Identify opportunities for implementing additional technology controls to create more visibility or defend key points of attack.
    • Consume threat intelligence sources and perform vulnerability analysis. 
    • Identify security improvements to business processes and methodologies.
    • Timely respond to security events, such as external attacks, information exposure, security incidents.
    • Interface with peer departments within Security, and serve as an internal point of contact for all infrastructure security-related decisions, partnering with IT, Platform Engineering, Product and Business Development teams.
    • Build positive, productive relationships with business and technology leadership.

What We Look For

    • What We Look ForInterest and experience in security monitoring, SecDevOps; Previous experience as a DevOps engineer, SOC engineer is a plus
    • Team player, high work ethics, attention to details is a must
    • Programming languages and/or scripting skills to build automation, great problem-solving skills, and analytical mindset.
    • Deep understanding of continuous integration / continuous deployment processes and tools.
    • Strong cross-platform (Linux, MacOS, and Windows) administration-level experience
    • In-depth knowledge of network protocols
    • Ability to automate tasks using a scripting language (Python, Shell, etc).
    • Knowledge of regular expressions is desired.
    • Knowledge of Splunk, ElasticSearch, Sumologic is desired.
    • Experience with a SIEM or Log Management System is desired
    • Excellent written and spoken communication skills
    • BA/BS degree in a related field or equivalent experience is required
    • Security certification such as CISSP, OSCP is a plus
At Affirm, "People Come First" is a core value and that’s why diversity and inclusion are vital to our priorities as an equal opportunity employer. You can learn more about our D&I efforts here.