Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.

At Affirm, security is integral to our mission of building honest financial products and driving the company’s long-term success. The Security Operations and Resilience Engineering (SOR) program serves as the foundation of our preventive and responsive efforts to safeguard Affirm’s assets and infrastructure. As part of our Security Team, you’ll join a group of passionate, highly skilled professionals redefining fintech security through collaboration, innovation, and a team-first mindset.

We’re seeking an experienced Staff Security Operations Engineer to lead our Detection & Response program in the UK, helping shape the next phase of our global Security Operations as Affirm expands internationally.

In this role, you’ll serve as the technical lead for company-wide initiatives across Logging, Detection, and Response in a highly engineering-driven, cloud-native environment. As the primary Response Lead for Europe, you’ll coordinate incident response efforts, guide investigations to resolution, and partner closely with Legal and Privacy teams to ensure compliance with regulatory requirements.

You’ll also play a key role in scaling operational capabilities including architecting and building logging & detection pipelines, and developing response procedures that enhance our global security posture. Additionally, you’ll participate in on-call rotations and serve as the engineering escalation point for complex security incidents.

This role is deeply cross-functional, collaborating with teams across Security, Engineering, Infrastructure, and Privacy/Legal to strengthen and scale our security operations. Together, you’ll tackle complex security challenges, design resilient solutions aligned with company goals, and help build the trust and safety of millions of customers, merchants, and partners worldwide.

What You'll Do Lead and expand Affirm’s Security Incident Response Program within Europe, shaping the Detection & Response strategy for international growth. Lead the design and implementation of compliant security data strategies - partnering with Legal and Privacy to interpret regional regulations (e.g., GDPR, DORA) and determine how to structure, segregate, or manage key Security Operations tooling and data across international environments.  Act as Incident Commander during large-scale security events, guiding teams through containment, remediation, and post-incident reviews. Serve as the technical escalation point for investigations and incidents in a hands-on capacity. Develop and refine incident response playbooks, detection pipelines, and automations that scale globally. Provide briefings and updates to diverse audiences, including executive and technical leadership. Contribute to our detection program by creating advanced detections based on frameworks such as MITRE ATT&CK.  Contribute to our Cyber Threat Intelligence (CTI) program enabling proactive threat mitigation & response.  Partner with cross-functional teams to drive security engineering projects and resilience initiatives. Mentor and train team members, fostering a collaborative and growth-oriented culture. Engage externally with the broader security community through talks, publications, and knowledge sharing. What We Look For 7+ years of experience building and scaling Detection & Response programs aligned with international security, privacy, and regulatory frameworks, including GDPR, DORA, ISO 27001, and the UK NCSC Cyber Assessment Framework (CAF). Proven ability to lead complex investigations and security incidents in cloud-native environments (with strong preference for AWS and EKS). Deep expertise in incident command, containment, and remediation, particularly in high-pressure, fast-moving scenarios. Hands-on experience with Security Operations tooling such as SIEM, EDR, and MDR platforms - e.g., Splunk, Elastic, SentinelOne, CrowdStrike, Red Canary, Expel, or similar technologies. Proficiency in data ingestion and normalisation workflows, ensuring scalable and efficient security telemetry. Exceptional communication and leadership skills, with the ability to tailor messaging across technical, operational, and executive audiences. Compensation & Benefits
Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills. 

Base pay is part of a total compensation package that may include monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidised medical coverage, dental and vision for you and your dependents). In addition, the employees may be eligible for equity rewards offered by Affirm Holdings, Inc. (parent company).

Base pay range per year: £117,000 - £157,000

Location; Remote UK 

Additional benefits include:
• Type of employment: Contract of Employment
• Flexible Spending Wallets for tech, food and lifestyle
• Away Days - wellness days to take off work and recharge
• Learning & Development programs
• Parental benefits
• Employee Resource & Community Groups
• This role is eligible for creative tax benefits, subject to applicable law and company policy


#LI-Remote