Staff Security Operations Engineer, (Detection & Response Lead)

7+ years of experience building and scaling Detection & Response programs aligned with international security, privacy, and regulatory frameworks (GDPR, DORA, ISO 27001, UK NCSC CAF). Proven ability to lead complex investigations and security incidents in cloud-native environments (AWS and EKS preferred). Deep expertise in incident command, containment, and remediation. Hands-on experience with Security Operations tooling (SIEM, EDR, MDR platforms like Splunk, Elastic, SentinelOne, CrowdStrike, Red Canary, Expel). Proficiency in data ingestion and normalisation workflows. Exceptional communication and leadership skills.

Lead and expand Affirm’s Security Incident Response Program within Europe. Lead the design and implementation of compliant security data strategies. Act as Incident Commander during large-scale security events. Serve as the technical escalation point for investigations and incidents. Develop and refine incident response playbooks, detection pipelines, and automations. Provide briefings and updates to diverse audiences. Contribute to our detection program by creating advanced detections. Contribute to our Cyber Threat Intelligence (CTI) program. Partner with cross-functional teams to drive security engineering projects. Mentor and train team members.