Staff Product Security Engineer

1 day ago

Remote, Canada

Staff+

H1B Sponsor

Responsibilities

Partner with Affirm product teams to ensure security is integrated into every phase of product development.
Conduct threat modeling and architecture reviews to document and mitigate threats.
Review product source code to identify security vulnerabilities and recommend secure implementations.
Automate processes where appropriate to enhance efficiency.
Identify emerging vulnerabilities and develop proactive solutions.
Assist in creating security-focused test cases for product teams.
Advise on business security requirements early in the product lifecycle.
Decompose large projects into tasks and manage scope across teams.

Deep understanding of web application architecture and design principles.
Experience with modern software development techniques for cloud-based services, preferably in Python, Kotlin, Java, AWS, and Azure.
Knowledge of common security flaws and their resolutions as per OWASP and SANS.
Experience in PCI or other regulated environments.
Experience conducting threat models for complex products using standard methodologies.
Familiarity with standard authentication mechanisms like SAML and OAuth2.
Understanding of continuous integration and deployment processes.
BS degree in a related field or equivalent experience; MS degree is a plus.

100% subsidized medical coverage for you and your dependents.
Generous stipends for technology, food, lifestyle needs, and family forming expenses.
Competitive vacation and holiday schedules.
Employee stock purchase plan allowing shares of Affirm at a discount.

AWSAzureJavaKotlinPython