Senior Security Engineer: Forge the Future of Global FinTech Security at Airwallex
Are you a hands-on Senior Security Engineer with a passion for building robust defenses in a high-growth, global environment? Do you thrive on tackling complex, high-visibility problems and making a tangible impact? Airwallex invites you to join our elite Information Security team, where you'll be instrumental in protecting the unified payments and financial platform trusted by over 200,000 businesses worldwide.
About Airwallex: Redefining Global Finance
Airwallex isn't just a company; we're a movement. As the only unified payments and financial platform built on proprietary infrastructure and software, we empower global businesses – from Brex to Qantas – to manage accounts, payments, spend, treasury, and embedded finance on an unprecedented scale. Founded in Melbourne and now a global force with over 2,000 innovators across 26 offices, we're valued at US$8 billion and backed by leading investors like Visa, Mastercard, and Sequoia. If you're ready to do the most ambitious work of your career, where every line of code secures the future of global banking, Airwallex is your stage.
The Impact You'll Make: Our Security Ethos
We're seeking successful builders with founder-like energy, who crave real impact, accelerated learning, and true ownership. You bring sharp thinking, deep expertise, and a relentless drive, motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor. You're humble, collaborative, and adept at turning zero-to-one ideas into real products. We embrace AI to work smarter and solve problems faster. Here, you'll join exceptional teammates to build the future of global finance, securing it every step of the way.
Your Mission as a Senior Security Engineer
Reporting directly to the Product Security Engineering Manager, you will be a trusted and critical member of our Information Security team, collaborating closely with Infrastructure, Product, and Engineering teams across the business. This is a dynamic, hands-on role where your expertise will be pivotal in designing, developing, and managing security infrastructure projects, processes, and standards for our networks, systems, and applications. You will be on the front lines, helping to identify, protect, detect, respond to, and recover the organization from advanced cybersecurity threats.
What You'll Be Building & Defending: **Strategic Security Partnership:** Collaborate with engineering teams to analyze new and existing applications, software, and services, driving robust security improvements and embedding security by design. What You'll Bring to the Team Minimum Qualifications (Must-Have): **Experience:** 5+ years of hands-on experience in a security engineering or incident response role within a dynamic tech company. Highly Desired (Bonus Points): **Education:** Bachelor's degree in Cybersecurity, Computer Science, or a related field. Our Commitment to You Applicant Safety Policy: Protecting You from Scams
**Next-Gen Security Controls:** Design, develop, test, and evaluate innovative security controls tailored for our rapidly expanding global business.
**Proactive Threat Hunting & Incident Response:** Lead incident response efforts and actively hunt through diverse log sources to uncover emerging threats and sophisticated attack patterns.
**Custom Detection Engineering:** Design and implement bespoke detection strategies and workflows to enhance our incident response lifecycle and automate threat identification.
**Secure System Lifecycle:** Analyze, develop, integrate, test, operate, and maintain secure systems from conception to deployment and beyond.
**Data-Driven Threat Mitigation:** Leverage data from a variety of endpoint, network, and cloud tools (e.g., EDR, authentication systems, firewalls, network traffic logs) to meticulously analyze, identify, and effectively mitigate threats.
**Cybersecurity Infrastructure Development:** Architect, test, implement, deploy, and maintain critical cybersecurity infrastructure projects that scale with our global platform.
**Incident Investigation & Resolution:** Lead investigations, analyze, and respond to cybersecurity incidents within the complex Airwallex environment, minimizing impact and ensuring rapid recovery.
**Vulnerability & Configuration Management:** Perform comprehensive assessments of systems and networks to identify deviations in configurations and policies, pinpoint vulnerabilities, and support effective mitigation and remediation strategies.
**Threat Intelligence & Exploitation:** Conduct collection, processing, and/or geolocation of threats to exploit, locate, and/or track adversary cybersecurity infrastructure.
**Network & Forensic Operations:** Execute advanced network navigation, conduct tactical forensic analysis, and lead defensive operations against active threats.
**Digital Forensics:** Identify, collect, examine, and preserve digital forensic evidence using advanced analytical and investigative techniques.
**Cloud Expertise:** In-depth experience with at least one major cloud platform (AWS, Azure, GCP).
**DevSecOps Acumen:** Strong knowledge of common software development tools and infrastructure, including CI/CD tooling and pipelines, with a security-first mindset.
**Threat Intelligence:** Comprehensive understanding of common attacker tools and techniques (TTPs), how they can be detected and prevented, and the ability to respond to incidents with high depth and quality of investigation.
**Communication:** Strong communication skills with the ability to clearly explain complex technical security and software concepts to both technical and non-technical audiences.
**Growth Mindset:** A passion for solving the intricate challenges inherent in high-growth startups.
**Self-Starter:** Self-motivation and drive to continuously learn new skills or deepen existing expertise.
**Certifications:** Recognized industry cybersecurity certifications (e.g., OSCP, GIAC, CEH).
**Security Tooling:** Strong experience with Splunk and other common security monitoring and SIEM tools.
**Container Orchestration:** Past DevOps/SRE experience, specifically with Kubernetes.
**Cloud Diversity:** Experience with GCP or Alibaba Cloud (with or without certification).
**Identity & Access Management:** Experience with Okta, GSuite, and cloud-based VPN services.
**Programming Proficiency:** Experience with Python, Java/Kotlin.
**Thought Leadership:** Published articles, journals, or blogs related to cybersecurity.
Airwallex is proud to be an equal opportunity employer. We value diversity and consider all applicants based on merit, qualifications, competence, and talent, without regard to any legally protected status. If you have a disability or special need that requires accommodation, please let us know.
To safeguard you from recruitment scams, please be aware that Airwallex will never ask for bank details, sensitive ID numbers (i.e., passport), or any form of payment during the application or interview process. All official communication will come from an @airwallex.com email address. Please apply only through careers.airwallex.com or our official LinkedIn page.
Airwallex does not accept unsolicited resumes from search firms/recruiters. We will not pay any fees to search firms/recruiters if a candidate is submitted by them unless an agreement has been entered into for specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.