Application Security Engineer
Who we are:
Established in Melbourne in 2015, Airwallex is a global payments fintech transforming the way businesses move and manage money domestically and internationally. In today's fast-changing digital era, our purpose is to empower businesses of all sizes to grow in their own markets and around the world, and by doing so, contribute to the global economy. With technology at our core, we built a proprietary global financial infrastructure platform to help businesses transact, collect and pay in any foreign currency across 130+ countries and 50+ currencies, without the constraints of the traditional global financial system. In just five years since we were founded, Airwallex has grown to become Australia's fastest-growing fintech unicorn and a well-funded international technology leader backed by world-leading investors. Our leadership, innovation and scale have been recognised and awarded by leading independent authorities, such as listing in Forbes' Cloud 100 2020, and placing in the Top 50 of KPMG's Global Fintech100 two years in a row. To support our ambitious growth plans, we're looking to expand our global teams with smart, driven and passionate individuals who are excited about joining our rocketship and taking on the challenge of a lifetime. The Role:
As an Application Security Engineer, you will sit within our Security team and work closely with all product and engineering teams across the business. Reporting directly to the CTO, this role will see you being a critical part of defending both Airwallex and 1000s of our customers by building our application security program and making our platform as secure as possible.
As Airwallex continues its global expansion, security is of the utmost importance and your day to day work will ensure that the Product and Engineering teams have the confidence to build and release products as quickly as possible without compromising security. From actively identifying vulnerabilities, to partnering with engineers to help prevent vulnerabilities ever existing, your role requires you to get deep into the code base while interacting with and educating the broader business on security best practices.
What you will do:
- Review the Airwallex platform and products' code to identify security issues and help engineers find more secure solutions
- Proactively work with our product and engineering teams to assess risk and provide policy guidance on secure code review and best practices
- Be the advocate for security architecture best practices across the Product and Engineering organisation, including secure configuration and deployment of new infrastructure and services
- Educate the engineering and product teams on what secure code and design looks like and why it is important
- Continually test our applications, both internally and externally
- Keep up to date across the latest threats and attack techniques and how they apply to our platform
- Coordinate and manage third party application security reviews and penetration tests
- Set standards for identity and access management across the platform
- Review our use of cloud providers, identify risk areas, and help mitigate them
What you will bring:
- At least 5 years experience in information security
- In depth understanding of common attacker tools and techniques, and how they are can be exploited by insecure development practices
- A passion for solving problems
- Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience
- Experience with Kotlin, Typescript, NodeJS, and Kubernetes is a plus
- Experience with GCP and Alibaba Cloud
- Experience with vulnerability assessment tools
- Bachelor's degree in Computer Science or similar is preferred
- Any additional training, security certifications, or history of responsible disclosure is a big plus, such as GIAC certifications, OSCP or your HackerOne profile or other bug bounty programs
At Airwallex we like to ensure we create the best environment for our people providing a collaborative open office space, PlayStation and table tennis to unwind, a fully stocked kitchen which includes breakfast, snacks, fruit, beers, you name it! We also organise regular team building events, encourage flexible/remote working and offer learning and development opportunities. Most importantly, we give our people the freedom to be creative.
Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard colour, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status. If you have a disability or special need that requires accommodation, please let us know.