Security Risk Management Lead
$165k - $225kAffirm
Affirm is reinventing credit to make it more honest and friendly, giving consumers the flexibility to buy now and pay later without any hidden fees or compounding interest. Affirm values security as being critical to the company’s continued success. Our mission is to cultivate a culture of security at Affirm , enabling the company to succeed in building honest financial products. The Security Risk Management team is evolving beyond traditional governance, risk, and compliance; we are building an engineering driven program that designs, automates, and scales the controls, workflows, and tooling that protect Affirm and our customers. What You'll Do Lead and mature Affirm 's Security Third Party Program, including the design, implementation, and continuous improvement of processes, controls, and operational workflows Build and maintain automation that replaces manual GRC tasks: intake, triage, evidence collection, control validation, tracking, escalations, and reporting, using either Python, low code platforms, and agentic coding tools (Cursor, Claude, etc.) Design and operate workflow orchestration and integrations across systems like ticketing, GRC platforms, vendor management tools, identity providers, and cloud control planes Partner closely with Procurement, Legal, Engineering, IT, Compliance, Privacy, and business stakeholders to assess and manage security risk across third party relationships Translate ambiguous business and security requirements into practical, scalable program solutions and decision frameworks Identify opportunities to automate manual processes across the program and prototype solutions yourself rather than waiting on an engineering backlog Drive program operational excellence by establishing repeatable processes, service-level expectations, metrics, and reporting for third party security risk management Evaluate third party security controls, cloud architectures (AWS/GCP), integration patterns, and risk posture, and provide clear recommendations to stakeholders and leadership Conduct light threat models on high risk integrations and partner with Security SMEs for deeper diligence Manage and prioritize a portfolio of complex security risk reviews and initiatives simultaneously, balancing business enablement with risk reduction Partner with technical teams to implement or optimize systems and tools that support program automation and workflow orchestration Develop dashboards, reporting mechanisms, and program insights (SQL, BI tools, or custom tooling) that improve visibility into risk trends, bottlenecks, and program performance Act as a trusted advisor and SME on third party security risk management, helping stakeholders make informed, risk based decisions Contribute to the broader Security Risk Management strategy by identifying opportunities to scale, simplify, and strengthen security governance processes through engineering What We Look For 5+ years of experience in Information Security, Risk Management, Engineering and/or relevant roles Hands‑on experience using agentic coding tools (Cursor, Claude Code, Copilot, etc.) and a working knowledge of Python; you don't need to be a software engineer, but you should be fluent enough to read, modify, and run scripts, build automations, and ship small tools end‑to‑end Familiarity with cloud environments (AWS, GCP, or Azure) — IAM, logging, common services, and the security risks/controls that apply to cloud‑deployed third parties and integrations Excellent written and verbal communications skills Experience engineering solutions via Python, Claude, Cursor or other agentic coding tooling Experience with industry based information security & control frameworks (NIST Cyber Security Framework, ISO 2700x, SOC1&2(SSAE18), PCI DSS, NIST-800-53, FFIEC Cybersecurity Assessment Tool, SANS Top 20, etc.) BA or BS degree in Information Security, Cyber Security, Computer Science or related field or commensurate experience Attention to detail and experience with security practices and security tooling Demonstrated ability to drive projects towards completion Ability to understand and communicate technical issues to non‑technical teams Professional certification in Information Security or Risk Management (such as CISSP, CISM, CISA, CRISC, etc.) is a plus Base Pay Grade - L Equity Grade - 5 Employees new to Affirm typically come in at the start of the pay range. Affirm focuses on providing a simple and transparent pay structure which is based on a variety of factors, including location, experience and job-related skills. Base pay is part of a total compensation package that may include equity rewards, monthly stipends for health, wellness and tech spending, and benefits (including 100% subsidized medical coverage, dental and vision for you and your dependents). USA Pacific base pay range (CA, WA, NY, NJ, CT) per year: $165,000 - $225,000 USA Sapphire base pay range (all other U.S. states) per year: $146,000 - $206,000 Please note that visa sponsorship is not available for this position. Benefits Health care coverage - Affirm covers all premiums for all levels of coverage for you and your dependents Flexible Spending Wallets - generous stipends for spending on Technology, Food, various Lifestyle needs, and family forming expenses Time off - competitive vacation and holiday schedules allowing you to take time off to rest and recharge ESPP - An employee stock purchase plan enabling you to buy shares of Affirm at a discount We believe It’s On Us to provide an inclusive interview experience for all, including people with disabilities. We are happy to provide reasonable accommodations to candidates in need of individualized support during the hiring process. For U.S. positions that could be performed in Los Angeles or San Francisco, pursuant to the San Francisco Fair Chance Ordinance and Los Angeles Fair Chance Initiative for Hiring Ordinance, Affirm will consider for employment qualified applicants with arrest and conviction records. #J-18808-Ljbffr Affirm
- HP is seeking an experienced SOX Compliance Lead to join the Security, Risk Management, & Compliance team. The role manages the SOX program, coordinates with Engineering, IT, Internal Audit, and External Auditors, and drives ICFR effectiveness across IT controls. Ideal...SuggestedFull time
- Affirm is seeking a Security Risk Manager to lead the enhancement of its Security Third Party Program, focusing on automation and cross-functional collaboration. The role requires hands-on coding experience, especially in Python and agentic coding tools, while ensuring...Suggested
$105.05k - $161.8k
...seamlessly integrated, AI‑driven solutions, TIO is building a secure, consistent, and innovative software ecosystem that... ...a highly motivated and experienced SOX Compliance Lead to join our Security, Risk Management, & Compliance department which supports engineering in...SuggestedTemporary workLocal areaRelocationFlexible hoursShift work$140k - $185k
...: CRCL) is one of the world’s leading internet financial platform companies... ...product lifecycle by leading risk assessments, defining and... ...team and report to the Senior Manager, Product Compliance. In... ...with Product, Legal, Policy, Security, Enterprise Risk, Treasury, and...SuggestedFlexible hours- Affirm is seeking a Chief Information Security Officer (CISO) to lead its information security and cybersecurity programs. This key role involves... ...include program development, incident response, and risk management. The position offers a flexible, remote-first working arrangement...SuggestedRemote jobFlexible hours
$25 per hour
...Asset Living is a third-party management firm and a proven partner in fostering... ...believe 'Together We Lead, Together We Succeed’. We empower... ..., financial, administration & risk management in the absence of... ...-out charges, statements, and security deposit refunds. Personnel...Hourly payPermanent employmentFull timeFor contractorsNight shiftWeekend work- ...Description Job Description Job Summary: A Lead System Installer – Electrical Systems... ...and low-voltage systems, including security cameras, access control, and other... ...regulations. Collaborate with project managers, contractors, and clients. Maintain detailed...For contractors
- ...Securitas Global Clients America is looking for a Security Shift Supervisor in Gresham, OR. In this full-time role, you will supervise a team of security officers, ensuring safety protocols are followed and responding to incidents effectively. The position requires a...Full timeShift work
- ...opportunities all across the world which can lead to a unique, exciting and fulfilling... ...sensitive information such as Social Security numbers or bank details during the initial... ...upon the needs of the program and Project Management discretion, qualified individuals may be...Overseas
- Fred Meyer Jewelers is looking for a candidate to manage the Asset Protection department in Portland, Oregon. The role requires a high school diploma or GED and at least one year of experience in retail asset protection. The ideal candidate will have excellent attention...
- A leading security services provider in Downtown Portland is seeking an Armed Security Supervisor for full-time responsibilities. You will lead a security team, provide armed visual security, and collaborate with local law enforcement to maintain a safe environment. The...Full timeLocal area
$24.45 - $33 per hour
...in a massively growing market. We are a leading provider of high‑power semiconductor and... ...with supervisor and other team leads to manage and prioritize staffing assignments in accordance... .... This employer will provide the Social Security Administration (SSA) and, if necessary,...Hourly payTemporary workWork at officeImmediate startFlexible hoursShift work$16.3 - $21 per hour
...Functions / Responsibilities Prep and Portion Get prep list from Manager on Duty (MOD) and prep items according to the need of the shift... .../ Skills Knowledge of proper sanitation, food safety, and security procedures Excellent verbal communication and interpersonal skills...Hourly payShift work- Description MELE is seeking a site lead to support the Mobile Detection Deployment Program... ...in support of national and other special security events. The program is growing into the... ...of the MDDU force will be voluntary and managed on a rotational basis for scheduled events...Full timeContract workPart timeWork at officeImmediate start
$16.3 - $21 per hour
...Functions / Responsibilities Prep and Portion Get prep list from Manager on Duty (MOD) and prep items according to the need of the shift... ...& Skills Knowledge of proper sanitation, food safety, and security procedures. Excellent verbal communication and interpersonal skills...Hourly payShift work- Brown & Brown is seeking a Claims and Risk Manager to join our Portland, OR team. This hybrid role balances client meetings and field visits with a flexible work-from-home schedule. You will develop risk management strategies, advocate for clients through claims, and collaborate...Work from homeFlexible hours
- .... Found is building tools that give small business owners the security and peace of mind that has historically only been available at... ...owners already trust. We're looking for a Growth Partnerships Manager to go out, find those partners, and turn them into one of Found...Contract workSelf employmentRemote workFlexible hours
- All Pro Security, Inc. is looking for a Business Development Manager - Security Solutions in Portland, OR. This role focuses on developing new business in the Portland metro area, requiring a strong hunter mentality and experience in B2B sales. You will have opportunities...
$160.09k - $228.7k
A leading engineering firm is seeking a Transmission Front-End Engineering & Design Lead to oversee technical aspects of transmission proposals and projects, focusing on risk management and team leadership. Ideal candidates will have a Bachelor's degree in engineering,...Full time- Insight Global is seeking a Tool Install Project Manager for a leading semiconductor client. You will lead planning and execution of multi‑million... ...and external contractors to ensure safe factory readiness, risk management, and on‑time production handoffs that support...For contractors
- Twist Bioscience is seeking a Staff Commodity Business Manager to oversee strategic sourcing activities for production and new product introduction... ...requires a focus on spend analytics, supplier selection, and risk management, with an emphasis on collaboration and communication....Work at officeRemote work
$120.18k - $172.81k
At HDR, the Trenchless Geotechnical Team Lead will report to the Trenchless Services Engineering... ...and will be responsible for planning, managing, and orchestrating geologic and... ...performing workload forecasting, scheduling, risk management, and mentoring. Preferred Qualifications...Local areaRemote work- Motorola Solutions seeks a Senior Information Security Compliance Analyst in Portland to lead regulatory and contractual compliance across the security program. You will drive audits, risk assessments, and remediation efforts, collaborating with cross-functional teams...
- NAVEX seeks an experienced RFP Manager to spearhead strategic customer responses across its global operations. In this role, you will... ...ensuring high-quality, compliant submissions for complex RFPs and security questionnaires. The ideal candidate will possess over five...
$18.5 - $20.5 per hour
...seeking a Youth Development Professional Art Lead to facilitate engaging, year-round youth... ...resolution and restorative practices to manage behavior.Support youth in developing... ...national criminal background check, a Social Security verification, a local criminal background...Hourly paySummer workLocal areaMonday to Friday- EY is seeking multiple Senior Managers for their National Consulting Cybersecurity practice to lead transformation initiatives and build Microsoft Enterprise Platform... ...will focus on delivering solutions across AI, security, and cloud while collaborating with diverse...
$172k - $250k
...seeking a Director of Information Security Audit & Compliance to join the... ...Audit & Compliance to lead and scale a global audit and compliance... ...global delivery centers, managing internal and external audits,... ...remediation plans. Governance, Risk & Control Framework Align...InternshipSeasonal workWork at officeLocal areaFlexible hours3 days per week- ...businesses in our KeyBank communities. As a Lead Teller, you act as a resource in... ..., and branch compliance with regulatory, security, and internal audit controls. Essential Functions... ...the cash drawer within guidelines. Manage day‑to‑day teller line duties, including...Hourly payDay shift
- ...Job Description Job Description At Vector Security We Think Big, Do the Right Thing, and Make a Difference Every Day! If this is how... ...to work, we’d like to invite you to join our team as our new Lead Systems Technician! We offer great benefits, a competitive salary...Temporary workLocal areaMonday to FridayFlexible hoursDay shift
- Servexo, Inc. is looking for a dedicated Security Supervisor in Portland, Oregon. This full-time role requires overseeing security personnel, ensuring all posts are adequately covered, and managing training. Ideal candidates have at least 5 years of supervisory experience...Full timeMonday to Friday
Do you want to receive more vacancies?
Subscribe and receive similar vacancies to Security Risk Management Lead. Be the first to apply!


