Senior Product Security Engineer
Airwallex · San Francisco, CA · 1 wk ago
HybridInformation Technology$160k–$250k/yrFull-time
About the role
This role is a dynamic and hands-on position within Airwallex's Information Security team. You will partner with other teams to analyze applications, software, or services, help drive security improvements, and perform incident response and hunting through log sources to identify new threats.
Responsibilities
- Partner with other teams within Airwallex to analyse new or existing applications, software, or services and help drive security improvements.
- Design, develop, and evaluate new security controls for a rapidly growing business.
- Perform incident response and hunt through log sources to identify new threats.
- Design and implement custom detection strategies and workflows to support the incident response lifecycle.
- Analyse and develop integration, sing, operations, and maintenance of secure systems.
- Investigate, analyse, and respond to cybersecurity incidents within the Airwallex environment.
- Conduct assessments of systems and networks to identify deviations in configurations and policies, identify vulnerabilities and support suitable mitigation and remediation.
- Identify, collect, examine, and preserve digital forensic evidence using analytical and investigative techniques.
- Perform network navigation, tactical forensic analysis, and defensive operations.
- Design, develop, implement, deploy, and maintain cybersecurity infrastructure projects.
Requirements
- 5+ years working in a security engineering or incident response role within a tech company.
- In-depth experience with at least one major cloud platform.
- Comprehensive understanding of common attacker tools and techniques, how they can be detected and prevented, and ability to respond to incidents with high depth and quality of investigation.
- Strong communication skills with the ability to explain technical security and software concepts to a non-technical audience.
- A passion for solving the complex challenges of high-growth startups.
- Self-motivation and drive to learn new skills, or dive deeper into existing skills.
Qualifications
- Bachelor's degree in Cybersecurity, Computer Science or similar.
- Recognised training or cybersecurity certifications (e.g. OSCP, GIAC, CEH).
- Strong experience with Splunk and other common security monitoring tools.
- Past DevOps/SRE experience with Kubernetes.
- Experience with GCP or Alibaba Cloud (with or without certification).
- Experience with Okta, GSuite, and cloud-based VPN services.
- Experience with Python, Java/Kotlin.
- Published articles, journals or blogs related to cybersecurity.