Application Security Engineer

Airwallex is the leading financial technology platform for modern businesses growing beyond borders. With one of the world’s most powerful payments and banking infrastructure, our technology empowers businesses of all sizes to accept payments, move money globally, and simplify their financial operations, all in one single platform. 
Established in 2015 in Melbourne, our purpose is to connect entrepreneurs, business builders, makers and creators with opportunities in every corner of the world. Today, Airwallex has a global footprint across Asia-Pacific, Europe, and North America.
Your role
As an Application Security Engineer, you will sit within our Security team and work closely with all product and engineering teams across the business. This role will see you being a critical part of defending both Airwallex and our many customers by building our application security program and making our platform as secure as possible.
As Airwallex continues its global expansion, security is of the utmost importance and your day to day work will ensure that the Product and Engineering teams have the confidence to build and release products as quickly as possible without compromising security.
From actively identifying vulnerabilities, to partnering with engineers to help prevent vulnerabilities ever existing, your role requires you to get deep into the code base while interacting with and educating the broader business on security best practices.

What you'll be doing

• Review the Airwallex platform and products' code to identify security issues and help engineers find more secure solutions.
• Proactively work with our product and engineering teams to assess risk and provide policy guidance on secure code review and best practices.
• Be the advocate for security architecture best practices across the Product and Engineering organisation, including secure configuration and deployment of new infrastructure and services.
• Educate the engineering and product teams on what secure code and design looks like and why it is important.
• Continually test our applications, both internally and externally.
• Keep up to date across the latest threats and attack techniques and how they apply to our platform.
• Coordinate and manage third party application security reviews and penetration tests.
• Set standards for identity and access management across the platform.
• Review our use of cloud providers, identify risk areas, and help mitigate them.

What you'll bring

• A passion for solving the complex challenges of high-growth startups.
• Experience with GCP and Alibaba Cloud.
• Self motivation and drive to learn new skills, or dive deeper into existing skills.
• In depth understanding of common attacker tools and techniques, and how they are can be exploited by insecure development practices.
• Experience with vulnerability assessment tools.
• Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience.
• Experience with Kotlin, Typescript, NodeJS, and Kubernetes is a plus.
• Any additional training, security certifications, or history of responsible disclosure is a big plus, such as GIAC certifications, OSCP or your HackerOne profile or other bug bounty programs.
• Published articles, journals or blogs related to cybersecurity.

When you join Airwallex, You Choose "Bigger Growth Opportunities."In 2022 as a Global business, we achieved the following:- Series E stage, total funding of USD $900 Million, $5.5B valuation- Expanded into new markets- Forged partnerships with Shopify, Hubspot, Plaid, Trip Actions/Navan, Agoda, and Qantas- We launched our Scholarship Partnership with The University of Melbourne- Asia FinTech Awards: Team of the Year, Fintech of the Year- Xero Awards Australia: Financial Services App of the Year- Top 100 Women in Fintech: #40 Lucy Liu, Co-Founder of Airwallex - Over 37% of our Australian team were promoted last year
Life at Airwallex:💸We commit to industry-leading salaries and rewards  💲We share our business success through every employee receiving equity💻 Flexible working available, plus two epic working spaces in the heart of Melbourne and Sydney🥗On-site snacks, think fully stocked fridges, beers, ice-creams and catered social lunches🧘Access to our mental wellness platform to provide personalised, private support, including coaching and EAP sessions🎂 Enjoy a paid day off on your birthday to celebrate YOU👪Generous parental leave, baby bonding leave, and pregnancy loss leaves💵Paid community and volunteer leave 💸Generous Employee Referral Program rewards for referring top talent✈️ Explore the world - You have the opportunity to work from anywhere in the world for up to 3 months each year🦄 Accelerate your career - We've reached consistent unicorn status and our people are a huge part of this.  Airwallex is the place where you can grow to your full potential, with more than a third of our Australian team promoted last year
Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don’t regard colour, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status. If you have a disability or special need that requires accommodation, please let us know.