Staff product security engineer (melbourne)

About the Role

As a Staff Product Security Engineer at Airwallex, you will be a trusted member of the Information Security team and work closely with Infrastructure, Product and Engineering teams across the business. Reporting directly to the Product Security Engineering Manager, this role will see you being a critical part of Airwallex, helping to identify, protect, detect, respond and recover the organisation from cybersecurity threats.

What You'll Be Doing

• Create and build security controls that strengthen Airwallex's ability to scale securely.
• Design and deliver security improvements across applications, software, and services.
• Develop and operationalise detection strategies and response workflows that improve the speed and effectiveness of incident response.
• Build and enhance secure systems through robust integration, testing, operations, and maintenance practices.
• Leverage and analyse endpoint, network, and cloud telemetry to identify, investigate, and mitigate threats.
• Design, implement, and maintain cybersecurity infrastructure that improves resilience across the Airwallex environment.
• Investigate, contain, and respond to cybersecurity incidents to reduce risk and strengthen defensive capability.
• Assess and improve system and network security by identifying vulnerabilities, configuration issues, and remediation opportunities.
• Collect and analyse threat intelligence and forensic evidence to better understand, track, and disrupt threats.
• Conduct and support defensive operations, tactical forensics, and threat hunting to strengthen security outcomes.
• Partner with teams across Airwallex to embed security into new and existing applications, software, and services and drive continuous improvement.

Minimum Qualifications (must-have)

• 8+ years working in a security engineering or incident response role within a tech company.
• In depth expertise with at least one major cloud platform.
• Strong knowledge of common software development tools and infrastructure, including CI/CD tooling and pipelines.
• Comprehensive understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation.
• Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience.
• A passion for solving the complex challenges of high-growth startups.
• Self motivation and drive to learn new skills, or dive deeper into existing skills.

Highly Desired

• Bachelor's degree in Cybersecurity, Computer Science or similar.
• Recognised training or cybersecurity certifications (e.g., OSCP, GIAC, CEH).
• Strong experience with Splunk and other common security monitoring tools.
• Past DevOps/SRE experience with Kubernetes.
• Experience with GCP or Alibaba Cloud (with or without certification).
• Experience with Okta, GSuite, and cloud-based VPN services.
• Experience with Python, Java/Kotlin.
• Published articles, journals or blogs related to cybersecurity.

Compensation

$160K - $260K

Equal Opportunity

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.