Find your dream job at Australia's leading startups and VCs

Our exceptional communities of founders and investors are constantly seeking passionate individuals like you to join their team. Find your fit in the postings below. Just browsing? Sign up to our newsletter here, and stay up to date on the latest jobs.

Senior Application Security Engineer



Posted on Friday, April 19, 2024

About Us:

Zepto is a rapidly-scaling provider of real-time, account-to-account payments solutions for merchants and is reimagining the way money moves through the always-on, digital-first economy.

Our growing team across Australia allows for like-minded, talented, passionate people motivated to help us deliver on our brand promise to #LevelThePayingField

At Zepto we believe in the power of positive human experiences, and that a deep sense of belonging creates cohesion in our culture. So, even in a remote-first team, you will be a contributor and custodian of that culture. You will also enjoy solving complex problems, and play a key role in creating something truly special as we focus on delivering ‘a better way to pay’ at Zepto.

The Role You’ll Play:

As a Senior Application Security Engineer you will have the opportunity to play a significant role in ensuring that our product is safe and secure by establishing the foundations of Zepto’s application security practices.

You will work closely with our Engineering and Product teams to provide guidance and coaching for all things application security, whilst continuing to raise the bar on our security expectations and capability.

Reporting to the Head of Information Security, you will apply a consultative and advisory approach when working with the wider Zepto team and empower them to work confidently and to utilise the self service facilities you establish.

Within the Security team, you are the go to person for:

  • Secure development practices
  • Security architecture advice & threat modelling
  • Security testing
  • Vulnerability management

Working in a scale-up, means you get the opportunity to flex your skills in a variety of ways. We are agile and always willing to roll up our sleeves to get things done. You can, however, expect your day to day to be involved in the following:

  • Conduct proactive risk assessments and security testing to identify vulnerabilities and threats
  • Implement and maintain common application security tooling
  • Run the vulnerability management program
  • Collaborate with development and product teams and influence embedding information security risk assessments and prioritising security controls when developing software
  • Coach and collaborate with engineering teams to ensure that every step of the software development life cycle follows security best practices
  • Conduct security assessments of Zepto’s applications in line with compliance obligations
  • Establish and implement security architecture standards and practices in collaboration with our Head of Information Security
  • Help manage application security incidents in collaboration with the rest of the Security team

What You’ll Bring to the Table:

Our ideal candidate will have:

  • Proven knowledge of security best practices and how to implement them in a scale-up environment
  • A deep understanding of risk, risk appetite and balancing risk with commercial outcomes
  • 5+ years of experience working in an application security role with exposure to vulnerability management, red team testing and security architecture
  • Experience with security compliance frameworks such as ISO 27001, PCI-DSS, NIST
  • Advanced understanding of OWASP top 10 vulnerabilities and common security attacks
  • Proven experience in advising engineering teams on security architecture best practices
  • Experience implementing and maintaining common application security tooling
  • Hands on experience in automating security controls
  • Experience working in a cloud infrastructure (AWS)
  • Strong and empathic communicator with both technical and non-technical teams

What's on Offer:

Zepto has an inspiring Founder story and is a customer-focused, culture-first organisation.

We’re all striving to achieve our mission of enabling a better way to pay for consumers and merchants and do so while fostering an inclusive culture where you will work with and learn from world-class talent in their areas of expertise.

As a remote-first organisation, you’ll feel connected through our various initiatives and enjoy the flexibility that comes with remote work. To effectively support our enterprise customers, this role will ideally be based in Melbourne or Sydney where we also have premium Hub locations for co-working and connection.

You'll join a team that is on a mission to change the world of payments and work with incredibly talented people in the space. We offer an Employee Share Option Plan for all employees, access to an annual learning budget, Paid Parental Leave and wellbeing support.

Apply today to express your interest.

Please note that as an organisation in the regulated Financial Services industry, Background Checks will be required as part of the recruitment process.