AffiniPay is a leading fintech company, based out of Austin, Texas. As the market leader in professional services payments and practice management software, AffiniPay’s tech products serve legal, accounting, architectural, engineering and construction firms. AffiniPay has been recognized as one of Inc. 5000’s fastest growing companies in the U.S. for 13 years in a row, and as a result, our teams continue to grow as well!
This is a hands-on leadership role for someone who thrives on elevating security practices from tactical execution to an integrated, metrics-driven, cross-functional program. You'll help modernize how we detect, respond to, and mitigate risk, leveraging AI-enabled platforms like CrowdStrike, Vanta, and Snyk, while also identifying new opportunities to integrate AI to improve security efficiency, reduce alert fatigue, and increase visibility. This role is essential to our company-wide AI adoption effort and directly contributes to AffiniPay’s Value Creation Plan (VPC).
What You’ll Do
Own the implementation, configuration, and operationalization of information security platforms (e.g., CrowdStrike, Security Hub, GuardDuty, Vanta, DataGrail)
Ensure CrowdStrike and similar tools are correctly configured and deployed, in partnership with the Information Security Engineer, to achieve intended coverage and effectiveness
Lead monitoring, tuning, and stakeholder engagement for suspicious findings or platform alerts, ensuring clear triage and response workflows
Oversee the security posture for access controls, logging, and backups, ensuring relevant data is collected and ingested into NG SIEM or other detection pipelines
Track the effectiveness of tooling, identify opportunities to improve alert fidelity, and eliminate coverage gaps
Evaluate opportunities to increase automation and efficiency through AI capabilities within existing tools (e.g., CrowdStrike, Vanta, Snyk) and recommend adoption of new platforms that align with our AI growth goals
Lead experimentation or pilot efforts to improve security signal triage, anomaly detection, and risk prediction through AI/ML-powered capabilities
Own the identification, evaluation, and documentation of security-related risks across infrastructure, applications, and third-party services
Develop and maintain actionable risk treatment plans in collaboration with stakeholders, balancing mitigation, acceptance, and investment tradeoffs
Partner with the VP of Information Security to maintain visibility into top risks, contribute to executive-level risk dashboards, and align controls to actual exposure
Ensure that AffiniPay’s cloud environments (AWS, Terraform-managed infrastructure) meet commercial security best practices and evolving compliance obligations
Partner with Infrastructure, DevOps, and DevX to assess and remediate gaps in governance, process documentation, or control ownership
Drive alignment around security configurations, automation guardrails, and baseline control requirements across brands
Own security control operations for frameworks, including SOC 2 Type 2, PCI DSS 4.0, and other in-scope privacy obligations
Ensure evidence collection, documentation, and audit support are proactively maintained
Maintain clear ownership of control domains, including logging, monitoring, asset management, backup validation, encryption, and vendor risk support
Build and maintain repeatable, data-driven security metrics and KPIs at the team, department, and executive levels
Identify or implement tools and workflows to assist in automated data gathering, reporting, and visualization
Use metrics to support risk reduction decisions, program transparency, and budget justification for future investment
Contribute to company-wide AI metrics by helping establish security-specific AI adoption benchmarks, efficiency gains, or automation outcomes related to platform usage and team productivity
Support incident response preparation through tabletop exercises, playbook development, and role clarity across functions
Partner with Engineering and business stakeholders to triage alerts, classify severity, and coordinate cross-team responses
Maintain ownership of detection platforms and ensure findings are actionable, prioritized, and communicated to the appropriate teams
Provide guidance, support, and tactical leadership to Information Security Engineers and Compliance staff
Serve as a point of contact across departments, building trust and driving execution without escalation
Help build bench strength and resiliency across the InfoSec function by identifying training needs, process gaps, and staffing signals
About You
6+ years of progressive experience in information security, cybersecurity engineering, or security risk management
Proven ability to operationalize controls under PCI DSS, SOC 2 Type 2, or similar regulatory frameworks, with audit support and remediation tracking
Demonstrated ownership of InfoSec risk identification, analysis, and mitigation, with ability to drive collaborative treatment planning across stakeholders
Hands-on experience with cloud security architecture (AWS required), including IAM, logging, encryption, GuardDuty, Security Hub, and Terraform-based infrastructure
Familiarity with security platform management and tuning, including CrowdStrike, Vanta, and Snyk, and comfort leading tool implementation and maturity roadmaps
Experience building and maintaining department-level metrics or KPIs tied to security program performance or audit readiness
Ability to translate technical risk into business impact and present findings to stakeholders
Track record of influencing cross-functional teams without direct authority and delivering on cross-team security initiatives
Experience evaluating or deploying AI- or ML-enhanced platforms in the security, compliance, or detection space (e.g., CrowdStrike, Vanta, Snyk)
Demonstrated ability to identify automation or AI opportunities to reduce manual workflows, improve detection, or accelerate compliance assurance
Comfort working with technical teams on AI/LLM integrations, anomaly detection enhancements, or AI-powered reporting
Nice to Have
Certifications: CISSP, CISM, CCSP, AWS Security Specialty, or equivalent
Experience supporting privacy operations tools and workflows (e.g., DataGrail)
Experience with metrics automation or dashboard platforms (e.g., Vanta, Power BI, Looker)
Exposure to legaltech, fintech, or multi-brand SaaS environments with compliance or regulatory complexity
Familiarity with AI/ML platforms in the security or compliance space, including AI-enhanced SIEM, automated compliance evidence tools, or large language model (LLM) integrations for incident or alert summarization
Experience with AI-enhanced security tooling (e.g., SIEMs with ML models, large language models for alert summarization or evidence automation)
Prior involvement in evaluating or deploying AI technologies as part of a security program modernization effort
Familiarity with AI governance, explainability, and responsible AI principles in the context of security and compliance
Our Story
Founded in 2005, AffiniPay’s mission is to build technology products that helps professionals focus on the work they love. As the leader in the professional payments industry, AffiniPay’s products serve legal, accounting, architectural, engineering and construction firms. Our portfolio of software solutions include MyCase (Legal Practice Management Software), CASEpeer (Practice Management for Personal Injury Firms), and Docketwise (Immigration & Case Management Software). Our portfolio of payment solutions include LawPay (Legal), AffiniPay for Associations (Associations), CPACharge (Accounting Professionals), and ClientPay (Architect, Engineer, and Construction). AffiniPay’s products serve over one hundred thousand users, and we are noted as one of the fastest growing tech companies in Austin, Texas. We are constantly looking for talent to join our team to continue playing a key part in unlocking our potential.
Diversity, Equity & Inclusion at AffiniPay
At AffiniPay, we recognize that innovation occurs with a strong team of people who are diverse in background, personality, talent and ideas. Experience comes in many forms and ensuring a diverse and inclusive workplace where we continue to learn from each other is an integral part of our culture. We are committed to creating a welcoming and transparent environment for all that embraces those differences through education, equal access to opportunities and information, inclusionary programs, and community outreach.
B
enefits that Benefit You!
As a people first culture, we believe it is important that our teammates are happy, healthy, and productive. In order to best support that, AffiniPay provides award-winning benefits that can make a difference in your life - right now and for the future.
All employees receive fully covered medical, dental and vision coverage
- Choose from our 2 available health plans based on what fits you and/or your family!
Have some fur babies?
- We offer them insurance too!
RELAX and enjoy your time away with our flexible paid time off policy!
We will help you plan for your future
- 401K, or RRSP if in Canada, with a company match
Competitive compensation
packages that include mid-year and end-of-year bonuses and equity options for all full-time employees
Health Wellness Program
that includes nutrition consultations, mental health apps, and access to discounted memberships
Have plans to grow your family?
- Parental resources, including 16 weeks of paid time off for primary caregivers
Professional development opportunities
including mentorships, leadership programs and our AffiniPayU courses
We believe it is important to give back with our
Matching Gift Program and organizedactivities focused on donations, volunteerism and supporting the local communities throughout the country
D&I initiatives
provide educational opportunities regarding multicultural issues, tolerance, and celebrating diversity among our entire staff
An incredible, in-office experience at our headquarters in Austin and San Diego
including free lunch delivery, a fully stocked kitchen, and some “sweet” surprises for those afternoon pick-me-ups
Security Advisory
Our hiring teams at AffiniPay are dedicated to recruiting top talent that share our passion for serving the professional services industry through innovative financial technology. As such, our Talent Acquisition Team only follows legitimate hiring practices. We will always communicate with our candidates using emails with the AffiniPay domain and will never ask for sensitive/personal data during the application process. All interviews take place over phone call, Zoom/Google Meet or in person. All offers are communicated verbally by our Talent Acquisition Specialists with a written offer letter as a follow up.
Apply for this job
*
indicates a required field
First Name *
Last Name *
Email *
Phone *
Resume/CV *
Enter manually
Accepted file types: pdf, doc, docx, txt, rtf
Enter manually
Accepted file types: pdf, doc, docx, txt, rtf
How did you hear about us? Select...
Have you previously worked for AffiniPay? * Select...
Will you now or in the future require visa sponsorship for employment? * Select...
In what countries are you legally authorized to work in? * Select...
#J-18808-Ljbffr
See details and apply
Senior Information Security Manager