Senior Manager, Product Security Engineering (Platform Security)

Senior Manager, Product Security Engineering (Platform Security)

Join to apply for the

Senior Manager, Product Security Engineering (Platform Security)

role at

Affirm .

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without hidden fees or compounding interest. Security is critical to our mission; the Platform Security team protects our cloud-hosted systems and applications from threats.

What You’ll Do

Lead, develop, and mentor the Platform Security team, setting direction, managing performance, and ensuring strong communication across distributed time zones.

Design, implement, and operate cloud security controls for AWS, GCP, and Azure to protect infrastructure, services, and applications from evolving threats.

Partner with engineering and product leadership to influence architecture decisions, define security requirements, and ensure alignment with technical strategy.

Strengthen container security by guiding secure design and operation of containerized environments using Docker, Kubernetes, and related tooling.

Drive adoption of DevSecOps practices by embedding automated security checks, workflows, and guardrails into CI / CD pipelines and developer tooling.

Communicate complex security risks, tradeoffs, and recommendations to technical and non‑technical stakeholders with clarity, precision, and authority.

Develop and mature the platform security roadmap, identifying long‑term risks, investments, and capabilities needed to strengthen our cloud posture.

Define, maintain, and enforce baseline security configurations, standards, and operational processes for cloud platforms, systems, and applications.

Create and maintain security metrics and dashboards that provide meaningful insights into control effectiveness, program maturity, and areas needing investment.

Support budget planning, resource allocation, and team development to ensure the program can scale effectively and deliver strong outcomes over time.

What We Look For

Minimum five years of technical experience across cloud computing, security, identity and access management, or IT infrastructure.

At least five years of experience implementing automated workflows in CI / CD, DevOps, or DevSecOps environments.

At least five years of experience with automation tools such as Terraform, Jenkins, GitLab, GitHub, or TFS.

At least five years of experience with containers and related technologies (Docker, Podman, Kubernetes).

Strong understanding of attacker methodologies, advanced persistent threats, kill chain models, MITRE ATT&CK, and threat detection patterns.

Knowledge of emerging threats and security countermeasures; experience partnering with threat intelligence and detection teams.

Strong project management and people leadership skills.

Attention to detail and the ability to drive complex initiatives with minimal supervision.

Ability to communicate technical issues clearly to non‑technical audiences.

Passion for working with diverse teams and integrating multiple perspectives into decision‑making.

Experience leading and managing through impactful incidents with senior stakeholders.

Bachelor’s or Master’s degree from an accredited college or university.

Relevant certifications a plus (e.g., CISSP, CCSP, CCSK, AWS Certified Security Specialty, AWS Solutions Architect).

Even if you don’t meet every listed requirement, we encourage you to apply. We want to meet people who believe in our mission and can contribute meaningfully.

Compensation

Base Pay Grade : R – Equity Grade : 9. Base pay range per year : $206,000 – $256,000. Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents).

Benefits

Health care coverage – Autumn covers all premiums for all levels of coverage for you and your dependents.

Flexible Spending Wallets – generous stipends for technology, food, lifestyle needs and family forming expenses.

Time off – competitive vacation and holiday schedules allowing you to rest and recharge.

ESPP – An employee stock purchase plan enabling you to buy shares of the company at a discount.

Location

Remote – Canada. Most roles are remote and can be based anywhere within the country of employment. Occasional in‑office work may be required as needed.

Seniority level

Mid‑Senior level

Employment type

Full‑time

Job function

Information Technology

Eligibility

Affirm is proud to be an equal‑opportunity employer. We consider qualified applicants with arrest and conviction records for U.S. positions that could be performed in Los Angeles or San Francisco, pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative. We are happy to provide reasonable accommodations to candidates with disabilities. By submitting an application, you acknowledge that you have read our Global Candidate Privacy Notice and give informed consent to the collection, processing, use, and storage of your personal information as described.

#J-18808-Ljbffr