Senior Security Engineer
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.
Affirm values information security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products. The Security Operations program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse event.
As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space.
The ideal candidate will design, develop, configure, and implement solutions to complex technical and business issues related to Identity & Access Management (IAM), access authentication (authN), authorization (authZ), lifecycle provisioning, and role-based access control. They will also provide end-user support as directed by management, work on multiple highly complex functions, and interface professionally with business stakeholders to identify and recommend functional, technological, and control solutions. They should be able to drive multiple projects simultaneously as part of the Identity and Access Management team and act as a subject matter expert (SME) on the Security team.
What You'll Do
Drive IAM Program initiatives and projects including IGA, PAM, and Federation
Integrate security tooling into existing infrastructure. Develop security software configurations and improve tool functionality over time
Modernize Affirms IAM program from the aspect of People, Process, and Technologies
Automate process flows and integration patterns for Affirms Identity Lifecycle Management processes.
Own IAM Lifecycle processes and solutions to meet business requirements
Author and maintain various jobs used for lifecycle automation using scripting and configuration languages such as Python, JSON, XML, or similar
Develop and administer custom automation between disparate 3rd-party apps using Workflow and Orchestration platforms such as SailPoint Workflows, Okta Workflows, cron jobs(scheduled, event-driven, and on-demand)
Follow agile lifecycle methodologies, create documentation for design and testing
Assist the Security Operations team and act as an escalation point
Resolve technical issues through investigation, debugging, research, and testing
Develop root-cause analysis and correction of error strategies to determine improvement opportunities when failures occur. Contribute as lead and SME on incident research and resolution when appropriate
Manage workload, prioritizing tasks and other duties as needed
Assist management in the definition of cross-platform identity management policies and procedures, and act as a senior contributor to departmental standard operating procedures, processes, and guidelines
Drive and participate in the collection and documentation of departmental knowledge artifacts; key participant in the development, population, and championing of knowledge management and collaboration systems for the team
Communicate complex technical information to peers and all levels of management
What We Look For
Be professional, quickly establishing personal credibility and demonstrating expertise
A teammate who is not only looking to enhance their own career but recognizes the value of teamwork, facilitating and encouraging collaboration amongst team members, and is capable of motivating teams to improve performance
Excellent written and verbal communications skills
Take a practical approach to solving issues and gaining stakeholder agreement
Be able to analyze sophisticated problems and to deliver insightful, practical and sustainable solutions
Ideally have professional experience engineering Identity Access Management & other Security centric solutions
Experience engineering solutions Python (Kotlin is a plus!)
Leveraging API’s for engineering security solutions
Experience with engineering server side & client side RESTful web services
Experience working with Identity Governance (IGA), Privileged Access Management (PAM), & Identity Provider (idP)/Federation tools
Experience Access management (AM): authentication + authorization, single sign-on (SSO), session management, and authorization enforcement for target applications in multiple use cases
Role Based Access Control (RBAC) Implementation Experience
Exposure across one or more of the following IAM technologies is a plus: SailPoint, CyberArk; BeyondTrust, Okta; Auth0
Compensation & Benefits
We offer a competitive package, with some highlights listed below. However, the given figures are not guaranteed compensation ranges; rather, they are unbinding, approximate indications of what the salary may be for your awareness. The actual salary may be less than the lower range or greater than the upper range, depending on skills and experience. No employee is guaranteed salary at the amount of the lower range.
- Targeted Gross Monthly Salary: 22,041 - 27,550 PLN
- Flexible Spending Wallets for tech, food and lifestyle
- Generous time off policies
- Away Days - wellness days to take off work and recharge
- Learning & Development programs
- Parental leave
- Robust health benefits
- Employee Resource & Community Groups
- This role is eligible for creative tax benefits, subject to applicable law and company policy
Location - Remote Poland
The majority of our roles can be located anywhere in Poland.
**This job description is not a contractual document, and is not intended to have binding force.**
Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities.
We have a simple and transparent remote-first grade-based compensation structure. Offer amounts within the range are based on a number of factors including but not limited to job-related skills, experience, and relevant education or training. Across the broader organization, certain roles are eligible for equity awards upon hire, promotion, tenure milestones and for performance.
We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include:
- Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
- Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
- Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
- ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount
We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.