Senior Security Operations Engineer driving security incident response efforts for Affirm's systems and customers. Collaborating with teams to improve security posture and build automated playbooks.
Responsibilities
Lead security incidents end-to-end, from detection and triage through containment, remediation, and post-incident review.
Act as incident commander, driving clear decisions and alignment across teams during high-pressure situations.
Conduct hands-on investigations across cloud and endpoint environments to determine root cause and impact.
Partner with Observability & Automation to improve detections, reduce noise, and build automated response playbooks.
Contribute to and refine incident response playbooks, runbooks, and documentation to improve readiness and consistency.
Collaborate with Security, Infrastructure, and Product teams to identify gaps and strengthen the incident response lifecycle.
Communicate effectively during incidents, providing clear updates to both technical and non-technical stakeholders.
Requirements
5+ years of experience in Security Operations or Detection & Response, with strong hands-on incident response in cloud environments (AWS and EKS experience strongly preferred).
Proven ability to lead security incidents, including containment and remediation, in fast-moving environments.
Strong investigative and analytical skills, with the ability to synthesize signals from multiple data sources.
Experience with security tooling such as SIEM and EDR platforms (e.g., Splunk, Elastic, SentinelOne, CrowdStrike, or similar).
Solid understanding of cloud security concepts and their application in real-world scenarios.
Strong communication skills, with the ability to clearly convey information across technical and non-technical audiences.
Experience building or improving automation for incident response workflows (e.g., scripting in Python; infrastructure-as-code is a plus).
Benefits
Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount
Head of Fusion & Cybersecurity Operations at TD responsible for strategic direction and operational oversight of protect operations. Safeguarding data and systems from cyber threats and managing teams in cyber crime prevention.
Intermediate Security Operations Centre Analyst at Long View managing security incidents and working with IT systems. Engaging with teams across Canada in a dynamic IT environment.
SOC Analyst responsible for monitoring security events and assessing risks while collaborating with global customers. Working with Fortinet's SOC - as - a - Service team to improve security posture.
IAM Operations Lead responsible for daily administration, governance, and security of identity infrastructure, ensuring correct access and minimizing risks.
CSOC Analyst responsible for managing security incidents and threat investigation at Just Eat Takeaway. Working with an internal team to detect, investigate, and respond to significant threats.
Security Operations Engineer at Supabase providing front - line coverage for security alerts and customer security tickets. Supporting internal IT operations and improving security processes in a remote setup.
SecOps Engineer integrating security into development processes for Lido Protocol. Collaborating on security practices, incident management, and developer training.
SOC Operator managing 24/7 command centre operations for the Toronto Jewish community. Support during emergencies, manage incidents, and conduct thorough record - keeping.
Security Operations Analyst monitoring and investigating security threats across enterprise systems. Collaborating with teams on incident response and threat intelligence activities.