Senior Security Engineer

About Airwallex

At Airwallex (airwallex.com), we’re building the future of global finance on one platform. Founded in 2015 in Melbourne, Airwallex is the leading financial technology platform for modern businesses to grow beyond borders. With one of the world’s most powerful payments infrastructure, our technology empowers businesses of all sizes to accept payments, move money globally, and simplify their financial operations, all on one single platform.

We hire successful builders with founder-like energy who want real impact, accelerated learning, and true ownership. You bring strong role-related expertise and sharp thinking, and you’re motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor.

You're humble and collaborative; turn zero‑to‑one ideas into real products, and you “get stuff done” end-to-end. You use AI to work smarter and solve problems faster. Here, you’ll tackle complex, high‑visibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you, let’s build what’s next.

Your role

As a Senior Security Engineer, you will sit within our Security team and work closely with all product and engineering teams across the business.

This role will see you being a critical part of defending both Airwallex and our 150,000 customers by building our application security program and making our platform as secure as possible. Your day to day work will ensure that the Product and Engineering teams have the confidence to build and release products as quickly as possible without compromising security.

From actively identifying vulnerabilities, to partnering with engineers to help prevent vulnerabilities ever existing, your role requires you to get deep into the code base while interacting with and educating the broader business on security best practices.

This role can be based in our Sydney, Melbourne or San Francisco offices. You will need full working rights for the location.

What you'll be doing

• Review the Airwallex platform and products' code to identify security issues and help engineers find more secure solutions.

• Proactively work with our product and engineering teams to assess risk and provide policy guidance on secure code review and best practices.

• Be the advocate for security architecture best practices across the Product and Engineering organisation, including secure configuration and deployment of new infrastructure and services.

• Educate the engineering and product teams on what secure code and design looks like and why it is important.

• Continually test our applications, both internally and externally.

• Keep up to date across the latest threats and attack techniques and how they apply to our platform.

• Coordinate and manage third party application security reviews and penetration tests.

• Set standards for identity and access management across the platform.

• Review our use of cloud providers, identify risk areas, and help mitigate them.

What you'll bring

• A passion for solving the complex challenges of high-growth startups.

• Experience with cloud platforms (we use GCP)

• Self motivation and drive to learn new skills, or dive deeper into existing skills.

• In depth understanding of common attacker tools and techniques, and how they can be exploited by insecure development practices.

• Experience with vulnerability assessment tools.

• Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience.

• Experience with Kotlin, Typescript, NodeJS, and Kubernetes is a plus.

• Any additional training, security certifications, or history of responsible disclosure is a big plus, such as GIAC certifications, OSCP or your HackerOne profile or other bug bounty programs.

• Published articles, journals or blogs related to cybersecurity.