Security Operations Engineer; Detection & Response Lead
Listed on 2025-12-20
IT/Tech
Cybersecurity, Security Manager
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.
At Affirm, security is integral to our mission of building honest financial products and driving the company’s long-term success. The Security Operations and Resilience Engineering (SOR) program serves as the foundation of our preventive and responsive efforts to safeguard Affirm’s assets and infrastructure. As part of our Security Team, you’ll join a group of passionate, highly skilled professionals redefining fintech security through collaboration, innovation, and a team-first mindset.
We’re seeking an experienced Staff Security Operations Engineer to lead our Detection & Response program in the UK, helping shape the next phase of our global Security Operations as Affirm expands internationally.
In this role, you’ll serve as the technical lead for company‑wide initiatives across Logging, Detection, and Response in a highly engineering‑driven, cloud‑native environment. As the primary Response Lead for Europe, you’ll coordinate incident response efforts, guide investigations to resolution, and partner closely with Legal and Privacy teams to ensure compliance with regulatory requirements.
You’ll also play a key role in scaling operational capabilities including architecting and building logging & detection pipelines, and developing response procedures that enhance our global security posture. Additionally, you’ll participate in on‑call rotations and serve as the engineering escalation point for complex security incidents.
This role is deeply cross‑functional, collaborating with teams across Security, Engineering, Infrastructure, and Privacy/Legal to strengthen and scale our security operations. Together, you’ll tackle complex security challenges, design resilient solutions aligned with company goals, and help build the trust and safety of millions of customers, merchants, and partners worldwide.
What You’ll Do
- Lead and expand Affirm’s Security Incident Response Program within Europe, shaping the Detection & Response strategy for international growth.
- Lead the design and implementation of compliant security data strategies - partnering with Legal and Privacy to interpret regional regulations (e.g., GDPR, DORA) and determine how to structure, segregate, or manage key Security Operations tooling and data across international environments.
- Act as Incident Commander during large‑scale security events, guiding teams through containment, remediation, and post‑incident reviews.
- Serve as the technical escalation point for investigations and incidents in a hands‑on capacity.
- Develop and refine incident response playbooks, detection pipelines, and automations that scale globally.
- Provide briefings and updates to diverse audiences, including executive and technical leadership.
- Contribute to our detection program by creating advanced detections based on frameworks such as MITRE ATT&CK.
- Contribute to our Cyber Threat Intelligence (CTI) program enabling proactive threat mitigation & response.
- Partner with cross‑functional teams to drive security engineering projects and resilience initiatives.
- Mentor and train team members, fostering a collaborative and growth‑oriented culture.
- Engage externally with the broader security community through talks, publications, and knowledge sharing.
- 7+ years of experience building and scaling Detection & Response programs aligned with international security, privacy, and regulatory frameworks, including GDPR, DORA, ISO 27001, and the UK NCSC Cyber Assessment Framework (CAF).
- Proven ability to lead complex investigations and security incidents in cloud‑native environments (with strong preference for AWS and EKS).
- Deep expertise in incident command, containment, and remediation, particularly in high‑pressure, fast‑moving scenarios.
- Hands‑on experience with Security Operations tooling such as SIEM, EDR, and MDR platforms - e.g., Splunk, Elastic, SentinelOne, CrowdStrike, Red Canary, Expel, or similar technologies.
- Proficiency in data ingestion and normalisation workflows, ensuring scalable and efficient…