Sr. Security Operations Engineer, Incident Response

Remote CANFull-TimeSenior

Salary150,000 - 200,000 CAD per year

Apply NowOpens the employer's application page

Job Details

5+ years of experience in Security Operations or Detection & Response, with strong hands-on incident response in cloud environments (AWS and EKS experience strongly preferred).
Proven ability to lead security incidents, including containment and remediation, in fast-moving environments.
Strong investigative and analytical skills, with the ability to synthesize signals from multiple data sources.
Experience with security tooling such as SIEM and EDR platforms (e.g., Splunk, Elastic, SentinelOne, CrowdStrike, or similar).
Solid understanding of cloud security concepts and their application in real-world scenarios.
Strong communication skills, with the ability to clearly convey information across technical and non-technical audiences.
Experience building or improving automation for incident response workflows (e.g., scripting in Python; infrastructure-as-code is a plus).

Lead and execute incident response efforts to protect Affirm’s systems, customers, and data.
Lead security incidents end-to-end, from detection and triage through containment, remediation, and post-incident review.
Act as incident commander, driving clear decisions and alignment across teams during high-pressure situations.
Conduct hands-on investigations across cloud and endpoint environments to determine root cause and impact.
Partner with Observability & Automation to improve detections, reduce noise, and build automated response playbooks.
Contribute to and refine incident response playbooks, runbooks, and documentation to improve readiness and consistency.
Collaborate with Security, Infrastructure, and Product teams to identify gaps and strengthen the incident response lifecycle.
Communicate effectively during incidents, providing clear updates to both technical and non-technical stakeholders.

View Full Description & ApplyYou'll be redirected to the employer's site