Security Risk Management Lead

6 hours, 54 minutes ago
Full-time
Senior
Cybersecurity
Affirm

Affirm offers a transparent buy now, pay later service founded in 2012 by Max Levchin. No late fees or surprises, just a responsible way to pay over time for your favorite brands.

Diversified Financial Services
1K-5K
Founded 2012

Description

  • Lead and mature Affirm's Security Third Party Program, including process design, implementation, and continuous improvement.
  • Build and maintain automation for manual GRC tasks such as intake, triage, evidence collection, control validation, tracking, escalations, and reporting.
  • Design and operate workflow orchestration and integrations across ticketing, GRC, vendor management, identity, and cloud systems.
  • Partner with Procurement, Legal, Engineering, IT, Compliance, Privacy, and business stakeholders to assess third party security risk.
  • Translate ambiguous business and security requirements into scalable program solutions and decision frameworks.
  • Identify opportunities to automate manual processes and prototype solutions independently.
  • Establish repeatable processes, service-level expectations, metrics, and reporting for third party security risk management.
  • Evaluate third party controls, cloud architectures, and risk posture, and provide clear recommendations to stakeholders and leadership.
  • Conduct light threat models on high-risk integrations and partner with security subject matter experts for deeper diligence.
  • Develop dashboards, reporting mechanisms, and program insights to improve visibility into risk trends, bottlenecks, and performance.

Requirements

  • 5+ years of experience in Information Security, Risk Management, Engineering, or a related field.
  • Hands-on experience with agentic coding tools such as Cursor, Claude Code, or Copilot.
  • Working knowledge of Python, including the ability to read, modify, and run scripts and build small automations end to end.
  • Familiarity with cloud environments such as AWS, GCP, or Azure, including IAM, logging, and common services.
  • Experience with information security and control frameworks such as NIST Cybersecurity Framework, ISO 2700x, SOC 1/2 (SSAE18), PCI DSS, NIST SP 800-53, FFIEC Cybersecurity Assessment Tool, or SANS Top 20.
  • BA or BS degree in Information Security, Cyber Security, Computer Science, or a related field, or equivalent experience.
  • Excellent written and verbal communication skills.
  • Attention to detail and experience with security practices and security tooling.
  • Demonstrated ability to drive projects to completion.
  • Ability to explain technical issues to non-technical teams.
  • Professional certification such as CISSP, CISM, CISA, or CRISC is a plus.
  • Experience engineering solutions using Python, Claude, Cursor, or other agentic coding tools.

Benefits

  • Base salary range of $146,000-$206,000 for most U.S. states and $165,000-$225,000 for Pacific states.
  • Equity compensation, including Equity Grade 5 and potential equity rewards.
  • Remote-first work environment with flexibility to work almost anywhere in the country of employment.
  • 100% subsidized medical coverage, including dental and vision for employees and dependents.
  • Monthly stipends or flexible spending wallets for technology, food, lifestyle needs, and family-forming expenses.
  • Competitive vacation and holiday schedules.
  • Employee stock purchase plan (ESPP) with the ability to buy Affirm shares at a discount.
  • Visa sponsorship is not available for this position.
