Senior Product Security Engineer
About The Position
As a Senior Security Engineer at Airwallex, you will be a trusted member of the Information Security team and work closely with Infrastructure, Product and Engineering teams across the business. Reporting directly to the Product Security Engineering Manager, this role will see you being a critical part of Airwallex, helping to identify, protect, detect, respond and recover the organisation from cybersecurity threats. This is a dynamic and hands-on role that requires experience in designing, developing and managing infrastructure projects, processes and standards related to the security of our networks, systems and applications.
Requirements
- 5+ years working in a security engineering or incident response role within a tech company
- In depth experience with at least one major cloud platform
- Strong knowledge of common software development tools and infrastructure, including CI/CD tooling and pipelines
- Comprehensive understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation
- Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience
- A passion for solving the complex challenges of high-growth startups
- Self motivation and drive to learn new skills, or dive deeper into existing skills
Nice To Haves
- Bachelor's degree in Cybersecurity, Computer Science or similar
- Recognised training or cybersecurity certifications (eg OSCP, GIAC, CEH)
- Strong experience with Splunk and other common security monitoring tools
- Past DevOps/SRE experience with Kubernetes
- Experience with GCP or Alibaba Cloud (with or without certification)
- Experience with Okta, GSuite, and cloud-based VPN services
- Experience with Python, Java/Kotlin
- Published articles, journals or blogs related to cybersecurity
Responsibilities
- Partner with other teams within Airwallex to analyse new or existing applications, software, or services and help drive security improvements.
- Design, develop, test, and evaluate new security controls for a rapidly growing business.
- Perform incident response and hunt through log sources to identify new threats.
- Design and implement custom detection strategies and workflows to support the incident response lifecycle.
- Analyse and develop integration, testing, operations, and maintenance of secure systems.
- Use data collected from a variety of endpoint, network and cloud tools (e.g. EDR, authentication, firewalls, network traffic logs) to analyse, identify and mitigate threats.
- Design, test, implement, deploy and maintain cybersecurity infrastructure projects.
- Investigate, analyse and respond to cybersecurity incidents within the Airwallex environment.
- Perform assessments of systems and networks to identify deviations in configurations and policies, identify vulnerabilities and support suitable mitigation and remediation.
- Conduct collection, processing, and/or geolocation of threats in order to exploit, locate, and/or track cybersecurity threats infrastructure.
- Perform network navigation, tactical forensic analysis, and defensive operations.
- Identify, collect, examine, and preserve digital forensic evidence using analytical and investigative techniques.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
