Sr. Security Operations Engineer, Incident Response
A
AffirmFintech
Remote CanadaFull-TimeSenior
Salary150,000 - 200,000 CAD per year
Apply NowOpens the employer's application page
Job Details
- Experience
- 5+ years of experience in Security Operations or Detection & Response
- Required Skills
- AWSPythonElasticSearch
Requirements
- 5+ years of experience in Security Operations or Detection & Response
- Strong hands-on incident response in cloud environments (AWS and EKS experience strongly preferred)
- Proven ability to lead security incidents, including containment and remediation, in fast-moving environments
- Strong investigative and analytical skills, with the ability to synthesize signals from multiple data sources
- Experience with security tooling such as SIEM and EDR platforms (e.g., Splunk, Elastic, SentinelOne, CrowdStrike, or similar)
- Solid understanding of cloud security concepts and their application in real-world scenarios
- Strong communication skills, with the ability to clearly convey information across technical and non-technical audiences
- Experience building or improving automation for incident response workflows (e.g., scripting in Python; infrastructure-as-code is a plus)
Responsibilities
- Lead and execute incident response efforts to protect Affirm’s systems, customers, and data.
- Lead security incidents end-to-end, from detection and triage through containment, remediation, and post-incident review.
- Act as incident commander, driving clear decisions and alignment across teams during high-pressure situations.
- Conduct hands-on investigations across cloud and endpoint environments to determine root cause and impact.
- Partner with Observability & Automation to improve detections, reduce noise, and build automated response playbooks.
- Contribute to and refine incident response playbooks, runbooks, and documentation to improve readiness and consistency.
- Collaborate with Security, Infrastructure, and Product teams to identify gaps and strengthen the incident response lifecycle.
- Communicate effectively during incidents, providing clear updates to both technical and non-technical stakeholders.
View Full Description & ApplyYou'll be redirected to the employer's site
