About Airwallex Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 200,000 businesses worldwide - including Brex, Rippling, Navan, Qantas, SHEIN and many more - with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale. Proudly founded in Melbourne, we have a team of over 2,200 of the brightest and most innovative people in tech across 26 offices around the globe. Valued at US$8 billion and backed by world-leading investors including T. Rowe Price, Visa, Mastercard, Robinhood Ventures, Sequoia, Salesforce Ventures, DST Global, and Lone Pine Capital, Airwallex is leading the charge in building the global payments and financial platform of the future. If you're ready to do the most ambitious work of your career, join us. Attributes We Value We hire successful builders with founder-like energy who want real impact, accelerated learning, and true ownership. You bring strong role-related expertise and sharp thinking, and you're motivated by our mission and operating principles. You move fast with good judgment, dig deep with curiosity, and make decisions from first principles, balancing speed and rigor. You're humble and collaborative; turn zero-to-one ideas into real products, and you "get stuff done" end-to-end. You use AI to work smarter and solve problems faster. Here, you'll tackle complex, high-visibility problems with exceptional teammates and grow your career as we build the future of global banking. If that sounds like you, let's build what's next. Your role As a Staff Corporate Security Engineer, you will be a critical part of defending Airwallex's enterprise systems and employees from threats such as malware, phishing and unauthorised access. This role is a highly technical opportunity to detect, investigate and prevent security issues across a modern corporate environment. You will work on digital forensics, incident response and tool development and deployment, protecting a range of corporate IT platforms from endpoints to identity providers. What you'll be doing - Contribute to incident response for malware, phishing, digital forensics. - Design, develop, test, and evaluate new corporate security controls for a rapidly growing business. - Perform incident response and hunt through log sources to identify new threats. - Design and implement security alerts and workflows to support the incident response lifecycle. - Secure corporate IT infrastructure and remediate issues across identity providers, endpoints, corporate networks and other platforms. - Deploy, configure and operate security tooling with a laser focus on impact. What you'll bring - A passion for solving the complex challenges of high-growth startups. - Self motivation and drive to learn new skills, or dive deeper into existing skills. - Bachelor's degree in Computer Science, Cybersecurity or similar. - 7+ years working in a security engineering or incident response role within a tech company. - Strong experience with Crowdstrike, Splunk or other common security monitoring tools. - In depth understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation. - Experience with GCP, Alibaba Cloud or other cloud platforms is preferred. - Experience with Okta, Google Workspace and cloud-based VPN services is preferred. - Experience securing endpoints, including with MDM tooling such as Kandji, Intune - Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience. - Scripting experience such as with Python, Bash, Powershell. Applicant Safety Policy: Fraud and Third-Party Recruiters To protect you from recruitment scams, please be aware that Airwallex will not ask for bank details, sensitive ID numbers (i.e. passport), or any form of payment during the application or interview process. All official communication will come from an @airwallex.com email address. Please apply only through careers.airwallex.com or our official LinkedIn page. Airwallex does not accept unsolicited resumes from search firms/recruiters. Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s). Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary. Equal opportunity Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don't regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.

• Deploy, and manage infrastructure for Protected B classified environments, ensuring compliance with ITSG-33 and Canadian government standards • Design and implement security controls for cloud (AWS, GCP, Azure) and hybrid/multi-cloud deployments • Evaluate, implement, and manage security tools and technologies for training cluster and inference infrastructure hardening • Implement security best practices including IAM, encryption, logging, and monitoring • Participate in security incident response activities, including detection, analysis, containment, and remediation • Conduct regular vulnerability assessments and penetration testing of infrastructure components • Maintain comprehensive security documentation, procedures, and configurations for classified environments • Maintain active Secret+ security clearance and adhere to all Canadian government security protocols

• Administer, configure, and maintain HashiCorp Vault for secure secrets management across Azure and Google Cloud Platform (GCP) environments. • Integrate Vault with enterprise cloud workloads, ensuring robust access control and compliance with Humana's security standards. • Develop and implement automation scripts and tools to support infrastructure management and operational efficiency, using PowerShell, Python, Ruby, or Bash. • Support installation, configuration, and maintenance of cloud-based servers and services, ensuring reliability and scalability in multi-cloud settings. • Collaborate with cross-functional teams to design and enhance secure cloud architectures, contributing to continuous improvement initiatives. • Monitor, identify, and remediate cybersecurity issues and opportunities, in alignment with Humana's IT/Cyber IOP policies. • Ensure accurate documentation and compliance for technology lifecycle management, including decommission requests as required. • Provide regular updates, evidence of remediation, and participate in closure reviews of IT/Cyber IOPs.

Role Description Our client is hiring a Lead Cyber Security Engineer to help secure the infrastructure, systems, applications, and enterprise environments powering a rapidly scaling AI-native SaaS platform. You will lead security initiatives across cloud infrastructure, enterprise systems, compliance, vulnerability management, and operational security while partnering closely with engineering leadership and enterprise customers. This is a highly impactful role with direct visibility into platform architecture, security strategy, compliance readiness, and long-term enterprise scalability. Responsibilities - Lead security strategy across infrastructure, cloud systems, and enterprise applications - Drive SOC 2, ISO 27001, and ISO 42001 readiness/certifications - Own vulnerability management, threat monitoring, and incident response workflows - Secure APIs, cloud infrastructure, enterprise systems, and multi-tenant environments - Partner closely with engineering leadership on secure architecture and platform decisions - Build and improve internal security policies, controls, and operational procedures - Support enterprise customer security reviews, audits, etc. - Help establish long-term security operations, governance, and compliance practices Qualifications - 4 to 10+ years of hands-on experience securing production-grade infrastructure, cloud systems, APIs, and enterprise SaaS platforms operating in real-world customer environments - Experience leading SOC 2 and ISO 27001 compliance initiatives/certifications - Strong cloud security experience across AWS, GCP, or Azure - Experience with vulnerability management, SIEM tooling, and threat detection - Strong understanding of enterprise SaaS security architecture and multi-tenant systems - Experience supporting regulated environments and handling customer PII securely - Strong communication skills with the ability to work cross-functionally with technical and non-technical teams - Startup mentality with strong ownership, urgency, and execution skills Benefits - 10 days PTO - Paid holidays - Work-from-home equipment provided, including laptop and monitors - Health, medical, and vision coverage - Early-stage startup environment with direct impact on product and company growth - Opportunity to help shape the future of an AI-native enterprise platform Interview Process - Initial conversation with our recruiting team (SaaS Talent) - 1-hour introductory conversation with Founder / CEO - Technical deep dive/system design interview - Final 30-minute conversation with leadership and founders Compensation USD 140,000 - USD 175,000 yearly