• Partner with Affirm product teams to ensure that security is included in every phase of the product development lifecycle. • Conduct threat modeling and architecture reviews to ensure threats are understood, documented, and mitigated. • Review and analyze product source code to identify security vulnerabilities and provide recommendations for secure implementation. • Seek out opportunities to automate processes when appropriate. • Identify emerging classes of vulnerabilities and developing solutions for them before they’re a problem. • Assist product teams in the development of security focused test cases to enforce security requirements. • Advise product teams on business security requirements early in the product development lifecycle. • Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure.

Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm values information security as a critical part of the company’s continued success. Our mission is to make information security programmatic and cultural in Affirm, enabling the company to succeed in building honest financial products. The Security team posture increases security and reduces risk while securely enabling access to information for those who need it! The Staff Product Security Engineer candidate will have experience building and architecting software as part of a larger team. The ideal candidate will work effectively with product and engineering teams to evaluate and influence product requirements, design, and implementation to improve the security of Affirm’s products. What You'll Do - Partner with Affirm product teams to ensure that security is included in every phase of the product development lifecycle. - Conduct threat modeling and architecture reviews to ensure threats are understood, documented, and mitigated. - Review and analyze product source code to identify security vulnerabilities and provide recommendations for secure implementation. - Seek out opportunities to automate processes when appropriate. - Identify emerging classes of vulnerabilities and developing solutions for them before they’re a problem. - Assist product teams in the development of security focused test cases to enforce security requirements. - Advise product teams on business security requirements early in the product development lifecycle. - Decompose large, cross-team projects into individual tasks. Manage scope across teams and drive toward project closure. What We Look For - Deep understanding of web application architecture and design principles - Experience using modern software development and delivery techniques to develop cloud-based services. Python, Kotlin, Java, AWS, and Azure experience preferred. - Knowledge of common security flaws and resolution as published by OWASP, SANS, etc. - Experience with PCI or other regulated environments. - Experience conducting threat models for complex, distributed products using standard threat modeling techniques and methodologies. - Experience with standard authentication mechanisms, including SAML and OAuth2. - Understanding of continuous integration / continuous deployment processes and tools. - BS degree in related field or equivalent experience. MS degree in a related field or equivalent experience is a plus. Location - Remote Canada Pay Grade - P Equity Grade - 7 Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills. Base pay is part of a total compensation package that may include monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents). In addition, the employees may be eligible for equity rewards offered by Affirm Holdings, Inc. (parent company). Base pay range per year: $178,000 - 228,000 CAD This posting is for an existing vacancy. #LI-Remote Affirm is proud to be a remote-first company! The majority of our roles are remote and you can work almost anywhere within the country of employment. Affirmers in proximal roles have the flexibility to work remotely, but will occasionally be required to work out of their assigned Affirm office. A limited number of roles remain office-based due to the nature of their job responsibilities. We’re extremely proud to offer competitive benefits that are anchored to our core value of people come first. Some key highlights of our benefits package include: - Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents - Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses - Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge - ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. [For U.S. positions that could be performed in Los Angeles or San Francisco] Pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records. By clicking "Submit Application," you acknowledge that you have read Affirm's Global Candidate Privacy Notice and hereby freely and unambiguously give informed consent to the collection, processing, use, and storage of your personal information as described therein.

• Provide influence and leadership over Samsara’s Enterprise Security roadmap and priorities, helping to balance both near-term and long-term business impact with technical considerations • Write clear, concise documentation and runbooks for enterprise security workflows • Collaborate with partners across Engineering, IT, and Security to ensure proper implementation of security tools and policies • Occasionally assist the Security Operations team during security investigations, acting as a technical subject matter expert within your domain • Partner with engineering teams to triage and support remediation of vulnerabilities and misconfigurations in systems and applications • Mentor engineers in the Security team to grow their domain knowledge, tool-specific skills, and communication abilities • Champion, role model, and embed Samsara’s cultural principles as we scale globally and across new offices

• Analyze Cyber Threat Intelligence data to extract meaningful insights • Identify trends, patterns, and anomalies in large-scale security data • Produce regular data-driven content (reports, blog posts, insights) to showcase the value of CrowdSec data • Analyze product usage to understand how users interact with CrowdSec • Identify friction points in the user journey • Provide actionable insights to improve feature adoption and overall user experience • Contribute to shaping future product features based on data • Define and monitor key product and business KPIs • Analyze network growth, user retention and churn patterns • Help the team understand what drives engagement and long-term usage • Leverage data to generate qualified leads and insights for Sales and Marketing • Identify high-potential accounts or segments based on usage or behavior • Support go-to-market strategies with data-driven insights