Senior DevSecOps Engineer

About Airwallex

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 100,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale.

Proudly founded in Melbourne, we have a team of over 1,500 of the brightest and most innovative people in tech located across more than 20 offices across the globe. Valued at US$5.6 billion and backed by world-leading investors including Sequoia, Lone Pine, Greenoaks, DST Global, Salesforce Ventures and Mastercard, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us.

About the team

Our Information Security team is a highly skilled, proactive team that is focused on improving the security of our products as we scale-up all around the world. We work closely with other teams across the company to protect our employees and customers, and detect and respond to cybersecurity threats. We're on a journey to transform how we operate to take the team to the next level - focused on leveraging data and metrics to improve decision making for our team and others.

Your role

As a Development, Security and Operations (DevSecOps) Engineer here at Airwallex, you will be a trusted member of the Information Security team and work closely with the broader Infrastructure and Software Engineering teams across the business.

Reporting directly to the Director of Security Engineering, this role will see you being a critical part of Airwallex, helping to identify, protect, detect, respond and recover the organisation from cybersecurity threats.

This is a dynamic and hands-on role that requires you to act as the champion of security within the development process, ensuring that security is baked in at every stage. You'll design and build automated pipelines that enable rapid and secure software delivery as well as collaborate between development, security, and operations teams, facilitating communication and fostering a DevSecOps culture. You will also proactively problem solve ways to efficiently identify and address security vulnerabilities, ensuring the integrity of our systems and applications.

What You'll Do

• Champion Security and Efficiency: Play a key role in integrating security practices throughout the entire infrastructure and software development lifecycle.

• Automate, Automate, Automate: Design and implement automated processes for building, testing, securing, and deploying infrastructure services and applications.

• Collaborate Across Teams: Work closely with development, security, and operations teams to bridge gaps and foster a culture of shared responsibility for security.

• Continuously Improve: Monitor systems and applications for vulnerabilities, identify areas for improvement, and implement solutions proactively.

Responsibilities

• Implement Security Measures: Integrate security tools and best practices into the CI/CD pipeline, including static and dynamic code analysis, vulnerability scanning, and penetration testing.

• Build and Maintain Infrastructure: Provision and manage cloud infrastructure using tools like Terraform, Ansible, or similar.

• Develop Automation Scripts: Create and maintain scripts to automate repetitive tasks and streamline the development and deployment process.

• Incident Response: Participate in on-call rotation, investigate and resolve security incidents swiftly and effectively.

Who You Are

• Passionate About Security: A strong advocate for security best practices with a proactive approach to identifying and mitigating risks.

• Collaborative Team Player: Excellent communication and interpersonal skills, able to build relationships and work effectively across teams.

• Problem Solver: A creative and analytical mind with the ability to troubleshoot complex issues and implement innovative solutions.

• Continuous Learner: Eager to stay up-to-date on the latest technologies and trends in the rapidly evolving field of DevSecOps.

Minimum Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field or equivalent experience.  

• 3+ years of experience in DevOps or a related field.

• Strong understanding of security principles and practices.

• Proficiency in scripting languages (e.g. Python, Bash).

• Experience with cloud platforms (e.g. GCP, Aliyun).

• Hands-on experience with CI/CD tools (e.g. Jenkins, GitLab CI).

Preferred Qualifications

• Certifications in security (e.g. CISSP, CEH) or cloud technologies.

• Experience with containerization and orchestration (e.g. Docker, Kubernetes).

• Knowledge of infrastructure as Code (IaC) principles and tools.

• Familiarity with monitoring and logging tools (e.g. Splunk).

Equal opportunity

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don’t regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.

Airwallex does not accept unsolicited resumes from search firms/recruiters.  Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.