Security Engineer - Enterprise Security at Afterpay

Full-time, Melbourne melbourne engineering full-time
Posted 13 days ago

About us

From an Australian-born company to a rapidly growing global business, we’re on the ride of a lifetime!

We’re on a mission to be the world’s most loved way to pay. We love connecting our customers with brands they love and empowering them to spend their money and buy what they want in a responsible way. We’re all about building a high-performing team, where our teams come to work to be the best they can be. We are grounded in reality and work together to achieve the extraordinary.

It’s a fast-paced business and that’s the way we love it. We know that world class talent is the only way to pave our future success, so come and work with some of the brightest minds and be part of the once in a lifetime ride. 

About the Opportunity

In order to be successful, Afterpay must operate a wide range of different technology solutions including collaboration tooling, financial platforms, and data warehouses. Our enterprise security team works with our partners in IT, Finance, HR, Legal, and Operations to ensure that our enabling technology is safe.

We’re big believers that the best way to scale an information security team is to focus on self-service and automation. Our security engineers work to enable our partners to manage risk by self-serving as much as possible through the creation of process, documentation, visibility, and tooling.

What you’ll be doing

  • Working with security leadership to understand and shape the organisations goals - understanding our security architecture goals and helping develop solutions that align with them
  • Contributing to our identity and access management efforts - developing integration patterns and tooling around our central authentication, authorization and provisioning systems & integrating new/legacy applications with our central IDAM platform
  • Assisting with our endpoint security efforts - assisting with endpoint and mobile-device hardening, developing tooling to measure and report on device hardening statuses & helping with automation around patch management
  • Improving the security of our collaboration tooling - assisting with the management and improvement of controls around our file sharing, email, videoconferencing and other chat solutions
  • Helping fortify our supporting infrastructure - working with our networking and infrastructure teams to understand our networks and manage them safely
  • Helping secure our business applications - consulting with our stakeholders to understand their needs and helping them to safely deploy the technology they need to do their jobs
  • Assisting with the measurement and monitoring of our environment - operating vulnerability and configuration management tooling & helping drive vulnerability remediation and visibility
  • Contributing to our security culture - helping generate awareness across the organization around security best practices

About the team

We are strong believers that the security team should not be the team of NOPE - instead, we believe that our job is to understand our partner’s goals and to work with them to achieve those goals.

We believe that we can only achieve all of this by making Afterpay a great place for talented information security professionals to work. Our team values are:

  • Partnership - we understand the business and technical priorities and work to support them. We link our initiatives to the needs of the business
  • Respect - we aim to build respect with every interaction by being subject matter experts, by communicating clearly and by being human. We also work to develop one another as security professionals with the understanding that we’re better when we work as a team
  • Empathy - we know that people have competing priorities and we try to put ourselves in their shoes
  • Pragmatism - we make sure that we’re making reasonable recommendations and that we’re not being overly dogmatic
  • Measurability - we think about how we’ll measure the effect of our actions before we take them. We focus on measuring our work so we can show the impact we’re having and so we can continually improve

About You

Life on the rocketship is exciting! Our rapid growth means you will need to be enthusiastic, flexible, tolerant, and resilient. In addition, you’ll be:

  • Self-driven - We afford our team members a lot of autonomy. Our style is to agree on a set of goals and metrics upfront and to empower people to get their jobs done.
  • Creative - We value team members who are able to find smart ways to balance risk and requirements. We aren’t a team that dogmatically follows established security processes.
  • Technical - We need someone who is able to independently discover how systems work and to devise the best ways to use and improve them.
  • Influential - The security team influences without authority. You’ll need to build great relationships and make people want to work with you by adding value to every interaction.
  • Disciplined - Delivering against our goals requires someone who is able to keep themselves honest and to continue to move forward regardless of what is happening around them