Senior Manager, Product Security Engineering; Platform Security

Senior Manager, Product Security Engineering (Platform Security)

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without hidden fees or compounding interest. Security is critical to our mission, and the Platform Security team is the backbone of our preventive and responsive security capabilities, protecting cloud‑hosted systems and applications from threats. As Senior Manager, Product Security you will lead this team and partner with engineering and cross‑functional leaders to ensure our cloud platforms, infrastructure, and applications are secure and resilient.

• Lead, develop, and mentor the Platform Security team, setting direction, managing performance, and ensuring strong communication and execution across distributed time zones.
• Design, implement, and operate cloud security controls for AWS, GCP, and Azure to protect infrastructure, services, and applications from evolving threats.
• Partner with engineering and product leadership to influence architecture decisions, define security requirements, and ensure alignment with our technical strategy.
• Strengthen container security by guiding secure design and operation of containerized environments using Docker, Kubernetes, and related ecosystem tooling.
• Drive adoption of Dev Sec Ops  practices by embedding automated security checks, workflows, and guardrails into CI/CD pipelines and developer tooling.
• Communicate complex security risks, trade‑offs, and recommendations to technical and non‑technical stakeholders with clarity, precision, and authority.
• Develop and mature the platform security roadmap, identifying long‑term risks, investments, and capabilities needed to strengthen our cloud posture.
• Define, maintain, and enforce baseline security configurations, standards, and operational processes for cloud platforms, systems, and applications.
• Create and maintain security metrics and dashboards that provide meaningful insights into control effectiveness, program maturity, and areas needing investment.
• Support budget planning, resource allocation, and team development, ensuring the program can scale effectively and deliver strong outcomes over time.

• Minimum five years of technical experience across cloud computing, security, identity and access management, or IT infrastructure.
• At least five years of experience implementing automated workflows in CI/CD, Dev Ops, or Dev Sec Ops  environments.
• At least five years of experience with automation tools such as Terraform, Jenkins, Git Lab, Git Hub, or TFS.
• At least five years of experience with containers and related technologies (Docker, Podman, Kubernetes).
• Strong understanding of attacker methodologies, advanced persistent threats, kill chain models, MITRE ATT&CK, and threat detection patterns.
• Knowledge of emerging threats and security countermeasures; experience partnering with threat intelligence and detection teams to proactively reduce risk.
• Strong project management and people leadership skills.
• Attention to detail and the ability to drive complex initiatives with minimal supervision.
• Ability to communicate technical issues clearly to non‑technical audiences.
• Passion for working with diverse teams and integrating multiple perspectives into decision‑making.
• Experience in leading and managing through impactful incidents with senior stakeholders and decision makers.
• Bachelor’s or Master’s degree from an accredited college or university.
• Relevant certifications a plus (e.g., CISSP, CCSP, CCSK, AWS Certified Security Specialty, AWS Solutions Architect).

• Health care coverage – we cover all premiums for all levels of coverage for you and your dependents.
• Flexible Spending Wallets – generous stipends for technology, food, lifestyle, and family‑forming expenses.
• Time off – competitive vacation and holiday schedules allowing you to take time to rest and recharge.
• ESPP – an employee stock purchase plan enabling you to buy shares at a discount.

Location:

Remote – US. The majority of our roles are remote and you can work from anywhere within the country of employment. Occasionally, you may be required to…