Senior Manager, Security Risk Management

Affirm is seeking a Senior Manager to lead its Security Governance and Third-Party Risk Management (TPRM) functions. This role is pivotal in shaping the company's security posture by developing and maintaining security policies, standards, and control frameworks aligned with industry standards such as NIST CSF and ISO 27001. The successful candidate will drive program strategy, operational maturity, and stakeholder alignment to ensure robust security governance and effective management of third-party risks.

Key responsibilities include overseeing the entire vendor lifecycle—from intake and due diligence to ongoing monitoring and offboarding—while ensuring compliance with relevant regulations and standards like SOC2 and PCI. The role also involves leading cross-functional governance forums, defining security risk appetites, and implementing tooling and automation to enhance operational efficiency. Additionally, the Senior Manager will act as the primary security contact for various departments, including Legal, Procurement, Privacy, Product, and Engineering, and will represent the Security team in executive forums and regulatory engagements.

The ideal candidate will have over seven years of experience in information security, risk management, or governance, risk, and compliance (GRC) roles, with at least three years in a managerial capacity. A strong understanding of security frameworks and compliance standards is essential, along with hands-on experience with TPRM/GRC tools and observability platforms. Excellent stakeholder management and communication skills are crucial, as is the ability to translate audit findings into actionable remediation plans. Relevant certifications such as CISSP, CISM, or CRISC are preferred.

Affirm offers a comprehensive benefits package, including fully covered health care premiums for employees and their dependents, flexible spending accounts for various lifestyle needs, generous time-off policies, and an employee stock purchase plan. The company fosters a culture of inclusivity and continuous learning, providing ample opportunities for professional growth and development. Joining Affirm means contributing to a mission-driven organization committed to creating honest financial products that improve lives.