Staff Security Engineer

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 150,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale.

Proudly founded in Melbourne, we have a team of over 1,700 of the brightest and most innovative people in tech across more than 37 locations around the globe. Valued at US$5.6 billion and backed by world-leading investors including Sequoia, Lone Pine, Greenoaks, DST Global, Salesforce Ventures and Mastercard, Airwallex is leading the charge in building the global payments and financial platform of the future. If you’re ready to do the most ambitious work of your career, join us.

About the team

The Airwallex Information Security Team is a high calibre and highly proactive team that works across our infrastructure, app security, Corporate IT and broader engineering functions.

What you’ll do

As a Corporate Security Engineer, you will be a critical part of defending Airwallex’s enterprise systems and employees from threats such as malware, phishing and unauthorised access.

This role is a highly technical opportunity to detect, investigate and prevent security issues across a modern corporate environment. You will work on digital forensics, incident response and tool development and deployment, protecting a range of corporate IT platforms from endpoints to identity providers.

This role will be based in Shanghai, Sydney or Melbourne

Responsibilities:

• Contribute to incident response for malware, phishing, digital forensics.

• Design, develop, test, and evaluate new corporate security controls for a rapidly growing business.

• Perform incident response and hunt through log sources to identify new threats.

• Design and implement security alerts and workflows to support the incident response lifecycle.

• Secure corporate IT infrastructure and remediate issues across identity providers, endpoints, corporate networks and other platforms.

• Deploy, configure and operate security tooling with a laser focus on impact.

Who you are

We're looking for people who meet the minimum qualifications for this role. The preferred qualifications are great to have, but are not mandatory.

• A passion for solving the complex challenges of high-growth startups.

• Self motivation and drive to learn new skills, or dive deeper into existing skills.

• Bachelor's degree in Computer Science, Cybersecurity or similar.

• At least 3-4 years working in a security engineering or incident response role within a tech company.

• Strong experience with Crowdstrike, Splunk or other common security monitoring tools.

• In depth understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation.

• Experience with GCP, Alibaba Cloud or other cloud platforms is preferred.

• Experience with Okta, Google Workspace and cloud-based VPN services is preferred.

• Experience securing endpoints, including with MDM tooling such as Kandji, Intune 

• Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience.

• Scripting experience such as with Python, Bash, Powershell.

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don’t regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.

Airwallex does not accept unsolicited resumes from search firms/recruiters.  Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.