Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.
Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural in Affirm, enabling the company to succeed in building honest financial products. The Security team posture increases security and reduces risk while securely enabling access to information for those who need it!
The Staff Cloud Security Software Engineer candidate will have extensive experience developing and deploying software and/or DevOps tooling as part of a larger team. The ideal candidate can direct the project design of experienced software and infrastructure engineers to improve the security of Affirm’s cloud infrastructure.
What you'll do
- Configure and implement cloud security services, including identity and access management, detective controls, infrastructure protection, and data protection.
- Develop custom serverless Python applications to inventory and report on Affirm’s cloud security posture.
- Specify, standardize, configure, and validate access controls across a wide range of cloud services.
- Design and implement scalable security solutions within AWS services using IAM.
- Manage cloud platform security auditing, monitoring, and alerting capabilities.
- Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure.
What we look for
- Extensive experience using modern software delivery to develop cloud-based services using Python and AWS serverless infrastructure.
- Hands-on experience securing Kubernetes access control and securing Kubernetes infrastructure.
- Extensive experience applying RBAC using IAM across a variety of users and services.
- Experience developing and deploying cloud services using Terraform.
- Understanding of methods and systems used for auditing usage and access to AWS cloud services.
- Experience administering database services and corresponding access using role-based access controls.
- Understanding of continuous integration / continuous deployment processes and tools.