Argonix is a fast-growing Australian technology consultancy and systems partner. We help mid-market businesses identify where AI and process optimisation can save time and money – then we build and implement the systems that make it happen. Our clients span APAC and the US, and our work covers sales process systemisation, CRM & ERP implementation, corporate AI training, and end-to-end business transformation.
As our delivery pipeline scales, we need someone who ensures that everything we ship meets a professional standard – secure, well-structured, and production-ready.
The Role
We're looking for a Code Security & Quality Assurance Engineer to act as the final line of review before any code, automation, or application is delivered to a client.
Our engineering team builds automations, integrations, and custom applications – often rapidly, using a mix of traditional development and AI-assisted coding workflows. Your job is to make sure that what gets shipped is secure, well-architected, and fit for production. You'll review code for vulnerabilities, assess infrastructure and hosting configurations, enforce quality standards, and flag risks before they reach the client.
This isn't a passive audit role. You'll be embedded in our delivery process – reviewing pull requests, hardening deployments, advising on architecture decisions, and building out the internal security standards and checklists that our engineering team works to.
Like all Argonix subcontractor roles, this is project-based. Work flows in as client engagements progress through the build phase, and you'll review and sign off on deliverables before they go out the door. Pay is variable within the range based on project urgency and complexity, and increases over time with proven reliability and deeper involvement.
What You'll Be Doing
* Reviewing all code, automations, and applications before client delivery – checking for security vulnerabilities, code quality, and structural integrity
* Conducting security assessments on AI-assisted and rapidly prototyped codebases, identifying risks specific to LLM-generated or co-authored code
* Evaluating and hardening hosting and deployment configurations across platforms such as Vercel, Supabase, AWS, Cloudflare, and similar services
* Assessing encryption practices – ensuring client data is handled securely, with end-to-end encryption implemented where appropriate
* Reviewing API integrations for authentication best practices, rate limiting, data exposure, and secure credential management
* Identifying and remediating common vulnerabilities (injection, XSS, CSRF, insecure storage, misconfigured permissions, exposed secrets)
* Assessing third‐party platform security – reviewing the tools and services we host on or integrate with, and flagging platform‐level risks
* Developing and maintaining internal security standards, code review checklists, and quality gates for the engineering team
* Documenting findings clearly – producing concise risk assessments and remediation guidance that our engineers can act on immediately
* Advising on secure architecture patterns for client-facing applications and data workflows
What We're Looking For
* Demonstrated experience in application security, code review, or security engineering
* Familiarity with modern hosting and deployment platforms (Vercel, Supabase, AWS, Cloudflare, Netlify, or similar) and their security configurations
* Understanding of encryption standards and secure data handling practices – TLS, encryption at rest, key management, and secure authentication flows
* Experience identifying vulnerabilities in web applications, APIs, and automation workflows
* Awareness of the security risks specific to AI-generated code and rapid prototyping workflows – you understand what corners get cut when things move fast, and you know where to look
* Ability to assess third‐party platform security posture and make informed recommendations on where to host and what to trust
* Clear, direct communication – you can explain a vulnerability and its fix to an engineer without writing a 40-page report
* Comfortable working asynchronously and reviewing deliverables on a project‐by‐project basis
* ABN holder (or willingness to set one up)
Relevant certifications (OSCP, CEH, CompTIA Security+, or similar) are a plus but not required. We care more about practical ability than credentials. If you can find the vulnerability, explain why it matters, and tell us how to fix it – that's what counts.
How Pay Works
This is variable hourly pay on a project basis. As client builds reach the review stage, you'll be briefed on scope and engaged to assess and sign off on deliverables. More complex or time-sensitive reviews pay at the higher end of the range. Rates increase over time as trust is established and your role in the delivery process deepens.
* Starting range: $80 AUD/hr
* Upper range: $120 AUD/hr
* Structure: Project-based, on-call, variable hours
* Growth: Rates increase with loyalty, skill development, and demonstrated reliability
How to Apply
Send us a short message covering:
* A brief intro – your background and what kind of security work you've been doing
* Examples of security reviews, audits, or vulnerability findings you've led (sanitised or anonymised is fine)
* The platforms and tools you're most experienced with from a security perspective
* Your availability and preferred working style
Attach a cover letter showing us how you think about risk, and how you'd make sure a client receives work they can trust.