This is a hybrid role if you are located in Sydney OR a remote role if you are located outside of our Sydney Hub.
We’re a passionate team of brilliant achievers, and together we’re using technology to take the small business finance industry next level. Our mission is to keep small businesses moving – with smart cash flow solutions right when they need them. Supporting them through ups and downs. Making their lives easier. Helping them Prosper.
Security at Prospa is about working towards a robust and effective security function to protect Prospa and its customers and enable the business to grow rapidly. As an Application Security Engineer in the Product Security team, you will contribute to the architecture, design, and delivery of secure software solutions. You will have the opportunity to work across multiple projects and focus on work which gives you the most satisfaction. There has never been a more exciting time to in the security team at Prospa.
We are also happy to consider a software engineer who has been working with security and is looking to move sideways into security.
What you will be doing
- Work closely with broader Product and Engineering teams and provide them with security guidance and requirements for new and existing products.
- Perform technical and non-technical security reviews on applications and work with the product and engineering teams to implement remediation activities.
- Ensure appropriate security controls and processes such as threat modelling and security testing are seamlessly embedded into the engineering development processes.
- Drive the continued education of engineers and product team to maintain a security aware culture.
- Work closely with internal and external stakeholders to scope, manage and remediate regular penetration testing assessments.
- Continually review and improve the security function by identifying possible enhancements, developing skills, identifying new techniques, and developing automation to mitigate security risks.
- Contribute to various security projects and assist the Head of Cyber Security in delivering the cyber security roadmap following timeframes and budget.
What you’ll need to succeed
We encourage you to apply even if you don’t check all boxes:
- Ideally 2-3 years relevant experience in security, preferably in application security or software engineering role
- Technical skills including networking, software engineering, systems administration, penetration testing and vulnerability assessments
- Experience in a cloud infrastructure environment – AWS or Azure, preferably with Azure PaaS experience
- Basic coding proficiency in Python
- Experience in highly automated DevOps environments and familiarity with toolsets including Git, Azure Pipelines, Docker, Kubernetes etc
- Optional, but highly regarded:
- Experience in web application penetration testing
- Experience in working with software developers to advise on security controls and requirements
- Experience in vulnerability management or threat intelligence capabilities
- Experience with common information security management frameworks, standards, principles, and processes (OWASP, CIS, SANS, ISO, NIST etc.)
- Relevant security certifications (CISSP, GIAC, Security+, CEH, OSCP etc.)
Don’t let a confidence gap get in the way of submitting your application. We’d love to hear from you and see if this could be a great match.
What we offer
- Work with the latest technologies in the market
- Study allowance and paid learning days
- Join a team of passionate, diverse and talented Engineers
- Career development opportunities
- Flexibility (remote work on offer)
- Highly competitive incentive scheme
- Volunteer leave & paid parental leave
- Team and company wide social events
- A chance to be a part of one of Australia’s fastest scaling tech organisations
We embrace diversity in our people and our thinking and provide a collaborative, inclusive, innovative and respectful environment. We celebrate who you are and actively provide our employees the same great experience we provide our customers.
It’s super exciting every day. Always moving. Always something new around the corner. And we’ve only just cracked the surface.
Open the door. Feel the buzz. Want in?