People Matter

Senior Security Engineer



Software Engineering
Remote · Poland
Posted on Friday, October 6, 2023

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

Affirm values information security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm, enabling the company to succeed in building honest financial products. The Security Operations program is the foundation of both preventive and responsive security practices to protect Affirm’s assets from an adverse event.

As a member of the Security Team at Affirm, you will be joining a team of fun, passionate and highly skilled individuals who like solving security challenges and enjoy learning new skills. We partner together with a team first mindset and are keen on redefining security in the fintech space.

The ideal candidate will design, develop, configure, and implement solutions to complex technical and business issues related to Identity & Access Management (IAM), access authentication (authN), authorization (authZ), lifecycle provisioning, and role-based access control. They will also provide end-user support as directed by management, work on multiple highly complex functions, and interface professionally with business stakeholders to identify and recommend functional, technological, and control solutions. They should be able to drive multiple projects simultaneously as part of the Identity and Access Management team and act as a subject matter expert (SME) on the Security team.

What You'll Do

  • Drive IAM Program initiatives and projects including IGA, PAM, and Federation

  • Integrate security tooling into existing infrastructure. Develop security software configurations and improve tool functionality over time

  • Modernize Affirms IAM program from the aspect of People, Process, and Technologies

  • Automate process flows and integration patterns for Affirms Identity Lifecycle Management processes.

  • Own IAM Lifecycle processes and solutions to meet business requirements

  • Author and maintain various jobs used for lifecycle automation using scripting and configuration languages such as Python, JSON, XML, or similar

  • Develop and administer custom automation between disparate 3rd-party apps using Workflow and Orchestration platforms such as SailPoint Workflows, Okta Workflows, cron jobs(scheduled, event-driven, and on-demand)

  • Follow agile lifecycle methodologies, create documentation for design and testing

  • Assist the Security Operations team and act as an escalation point

  • Resolve technical issues through investigation, debugging, research, and testing

  • Develop root-cause analysis and correction of error strategies to determine improvement opportunities when failures occur. Contribute as lead and SME on incident research and resolution when appropriate

  • Manage workload, prioritizing tasks and other duties as needed

  • Assist management in the definition of cross-platform identity management policies and procedures, and act as a senior contributor to departmental standard operating procedures, processes, and guidelines

  • Drive and participate in the collection and documentation of departmental knowledge artifacts; key participant in the development, population, and championing of knowledge management and collaboration systems for the team

  • Communicate complex technical information to peers and all levels of management

What We Look For

  • Be professional, quickly establishing personal credibility and demonstrating expertise

  • A teammate who is not only looking to enhance their own career but recognizes the value of teamwork, facilitating and encouraging collaboration amongst team members, and is capable of motivating teams to improve performance

  • Excellent written and verbal communications skills

  • Take a practical approach to solving issues and gaining stakeholder agreement

  • Be able to analyze sophisticated problems and to deliver insightful, practical and sustainable solutions

  • Ideally have professional experience engineering Identity Access Management & other Security centric solutions

  • Experience engineering solutions Python (Kotlin is a plus!)

  • Leveraging API’s for engineering security solutions

  • Experience with engineering server side & client side RESTful web services

  • Experience working with Identity Governance (IGA), Privileged Access Management (PAM), & Identity Provider (idP)/Federation tools

  • Experience Access management (AM): authentication + authorization, single sign-on (SSO), session management, and authorization enforcement for target applications in multiple use cases

  • Role Based Access Control (RBAC) Implementation Experience

  • Exposure across one or more of the following IAM technologies is a plus: SailPoint, CyberArk; BeyondTrust, Okta; Auth0

Compensation & Benefits

We offer a competitive package, with some highlights listed below. However, the given figures are not guaranteed compensation ranges; rather, they are unbinding, approximate indications of what the salary may be for your awareness. The actual salary may be less than the lower range or greater than the upper range, depending on skills and experience. No employee is guaranteed salary at the amount of the lower range.

  • Targeted Gross Monthly Salary: 22,041 - 27,550 PLN
  • Flexible Spending Wallets for tech, food and lifestyle
  • Generous time off policies
  • Away Days - wellness days to take off work and recharge
  • Learning & Development programs
  • Parental leave
  • Robust health benefits
  • Employee Resource & Community Groups
  • This role is eligible for creative tax benefits, subject to applicable law and company policy

Location - Remote Poland

The majority of our roles can be located anywhere in Poland.

**This job description is not a contractual document, and is not intended to have binding force.**


Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities.

We have a simple and transparent remote-first grade-based compensation structure. Offer amounts within the range are based on a number of factors including but not limited to job-related skills, experience, and relevant education or training. Across the broader organization, certain roles are eligible for equity awards upon hire, promotion, tenure milestones and for performance.

We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include:

  • Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents
  • Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses
  • Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge
  • ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount

We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process.

By clicking "Submit Application," you acknowledge that you have read the Affirm Employment Privacy Policy for applicants within the United States, the EU Employee Notice Regarding Use of Personal Data (Poland) for applicants applying from Poland, the EU Employee Notice Regarding Use of Personal Data (Spain) for applicants applying from Spain, or the Affirm U.K. Limited Employee Notice Regarding Use of Personal Data for applicants applying from the United Kingdom, and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.