Job Description
The Senior Product Security Engineer candidate will have experience building and architecting software as part of a larger team. The ideal candidate will work effectively with product and engineering teams to evaluate and influence product requirements, design, and implementation to improve the security of Affirm’s products.
Architect and implement scalable CIAM solutions for both B2C and B2B platforms, integrating identity services such as registration, authentication, authorisation, and profile management. Design and maintain identity federation and SSO integrations using standards like OAuth 2.0, OIDC, SAML, and SCIM to support customer and partner ecosystems.
Enhance customer experience by optimising secure login flows, progressive profiling, MFA/biometric adoption, and adaptive authentication mechanisms.
Develop and maintain APIs enabling seamless integration of CIAM capabilities across web, mobile, and partner applications. Collaborate with security and compliance teams to ensure adherence to privacy regulations (GDPR, CCPA) and implement identity governance and consent management frameworks. Automate CIAM infrastructure and workflows, leveraging DevOps practices, IaC (e.g., Terraform), and CI/CD pipelines to ensure reliability and repeatability. Monitor and optimise performance and security posture, including threat detection, anomaly response, and continuous improvement of authentication systems.
About Affirm
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest.