Senior Product Security Engineer

AffirmAffirm·Remote(Remote Canada)
Software Development
Programmatic

WFA Digital Insight

As demand for secure digital payment solutions grows, Affirm's commitment to programmatic security is a standout in the industry. With a 20% increase in security roles posted on WFA Digital in the past year, candidates with expertise in cloud-based services and web application architecture are in high demand. Before applying, consider how your skills align with Affirm's mission to make information security a cultural cornerstone.

Job Description

About the Role

Affirm is reinventing credit to make it more honest and friendly. The Security team's mission is to make information security programmatic and cultural, enabling the company to succeed in building honest financial products.

Responsibilities

  • Partner with product teams to ensure security is included in every phase of product development.
  • Conduct threat modeling and architecture reviews to identify and mitigate threats.
  • Review and analyze product source code to identify security vulnerabilities.
  • Automate processes when appropriate.
  • Identify emerging vulnerabilities and develop solutions.
  • Assist in developing security-focused test cases.
  • Advise product teams on business security requirements.

Requirements

  • Deep understanding of web application architecture and design principles.
  • Experience with modern software development and delivery techniques for cloud-based services.
  • Knowledge of common security flaws and resolutions as published by OWASP, SANS, etc.

How to Stand Out

  • Develop a strong portfolio showcasing your experience with cloud-based services like AWS or Azure, and highlight your proficiency in languages like Python, Kotlin, or Java.
  • Be prepared to discuss your approach to threat modeling and how you stay updated with the latest security vulnerabilities and trends.
  • Use your cover letter to explain how your skills and experience align with Affirm's mission and the specific requirements of the Senior Product Security Engineer role.
  • In the interview, be ready to walk through your process for reviewing and analyzing product source code for security vulnerabilities.
  • Consider highlighting any experience you have with automating security processes or developing security-focused test cases.

This is a remote position listed on WFA Digital, the platform for professionals who work from anywhere. Browse more remote jobs across all categories.