Senior Security Engineer

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

Affirm values information security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products. The Security Operations program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse event. 

As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space. 

The ideal candidate will design, develop, configure, and implement solutions to complex technical and business issues related to Identity & Access Management (IAM), access authentication (authN), authorization (authZ), lifecycle provisioning, and role-based access control. They will also provide end-user support as directed by management, work on multiple highly complex functions, and interface professionally with business stakeholders to identify and recommend functional, technological, and control solutions. They should be able to drive multiple projects simultaneously as part of the Identity and Access Management team and act as a subject matter expert (SME) on the Security team.

What You'll Do

• Drive IAM Program initiatives and projects including IGA, PAM, and Federation
• Integrate security tooling into existing infrastructure. Develop security software configurations and improve tool functionality over time
• Modernize Affirms IAM program from the aspect of People, Process, and Technologies
• Automate process flows and integration patterns for Affirms Identity Lifecycle Management processes.
• Own IAM Lifecycle processes and solutions to meet business requirements
• Author and maintain various jobs used for lifecycle automation using scripting and configuration languages such as Python, JSON, XML, or similar
• Develop and administer custom automation between disparate 3rd-party apps using Workflow and Orchestration platforms such as SailPoint Workflows, Okta Workflows, cron jobs(scheduled, event-driven, and on-demand)
• Follow agile lifecycle methodologies, create documentation for design and testing
• Assist the Security Operations team and act as an escalation point
• Resolve technical issues through investigation, debugging, research, and testing
• Develop root-cause analysis and correction of error strategies to determine improvement opportunities when failures occur. Contribute as lead and SME on incident research and resolution when appropriate
• Manage workload, prioritizing tasks and other duties as needed
• Assist management in the definition of cross-platform identity management policies and procedures, and act as a senior contributor to departmental standard operating procedures, processes, and guidelines
• Drive and participate in the collection and documentation of departmental knowledge artifacts; key participant in the development, population, and championing of knowledge management and collaboration systems for the team
• Communicate complex technical information to peers and all levels of management

What We Look For

• Be professional, quickly establishing personal credibility and demonstrating expertise
• A teammate who is not only looking to enhance their own career but recognizes the value of teamwork, facilitating and encouraging collaboration amongst team members, and is capable of motivating teams to improve performance
• Excellent written and verbal communications skills
• Take a practical approach to solving issues and gaining stakeholder agreement
• Be able to analyze sophisticated problems and to deliver insightful, practical and sustainable solutions
• Ideally have professional experience engineering Identity Access Management & other Security centric solutions
• Experience engineering solutions Python (Kotlin is a plus!)
• Leveraging API’s for engineering security solutions
• Experience with engineering server side & client side RESTful web services 
• Experience working with Identity Governance (IGA), Privileged Access Management (PAM), & Identity Provider (idP)/Federation tools 
• Experience Access management (AM): authentication + authorization, single sign-on (SSO), session management, and authorization enforcement for target applications in multiple use cases
• Role Based Access Control (RBAC) Implementation Experience
• Exposure across one or more of the following IAM technologies is a plus: SailPoint, CyberArk; BeyondTrust, Okta; Auth0

Compensation & Benefits

We offer a competitive package, with some highlights listed below. However, the given figures are not guaranteed compensation ranges; rather, they are unbinding, approximate indications of what the salary may be for your awareness. The actual salary may be less than the lower range or greater than the upper range, depending on skills and experience. No employee is guaranteed salary at the amount of the lower range.

• Targeted Gross Monthly Salary: 22,041 - 27,550 PLN
• Flexible Spending Wallets for tech, food and lifestyle
• Generous time off policies 
• Away Days - wellness days to take off work and recharge
• Learning & Development programs
• Parental leave
• Robust health benefits
• Employee Resource & Community Groups
• This role is eligible for creative tax benefits, subject to applicable law and company policy



Location - Remote Poland

The majority of our roles can be located anywhere in Poland.

**This job description is not a contractual document, and is not intended to have binding force.**

#LI-Remote