Application Security Engineer

Location: Sydney

We’re a passionate team of brilliant achievers, and together we’re using technology to take the small business finance industry next level. Our mission is to keep small businesses moving – with smart cash flow solutions right when they need them. Supporting them through ups and downs. Making their lives easier. Helping them Prosper.

The role:

Security at Prospa is about working towards a robust and effective security function to protect Prospa and its customers and enable the business to grow rapidly. As an Application Security Engineer in the Product Security team, you will contribute to the architecture, design, and delivery of secure software solutions.

We are also happy to consider a software engineer who has been working with security and is looking to move sideways into security.

What you will be doing:

  • Work closely with the broader Product and Engineering teams whilst providing them with security guidance and requirements for our new and existing products.
  • Perform technical and non-technical security reviews on applications along with working with our product and engineering teams to implement remediation activities.
  • Ensure appropriate security controls and processes. For example, making sure threat modelling and security testing are seamlessly embedded into the engineering development processes.
  • Drive the continued education of engineers and product team to maintain a security aware culture.
  • Work closely with internal and external stakeholders to scope, manage and remediate regular penetration testing assessments.
  • Continually review and improve the security function by identifying possible enhancements, developing skills, identifying new techniques, and developing automation to mitigate security risks.
  • Contribute to various security projects to assist the Head of Cyber Security in delivering the cyber security roadmap following timeframes and budget.

What you’ll need to succeed:

  • Ideally experience in security, preferably in application security or software engineering role.
  • Technical skills including networking, software engineering, systems administration, penetration testing and vulnerability assessments.
  • Experience in a cloud infrastructure environment – AWS or Azure, preferably with Azure PaaS experience.
  • Basic coding proficiency in Python.
  • Experience in highly automated DevOps environments and familiarity with toolsets including Git, Azure Pipelines, Docker, Kubernetes etc.
  • Optional, but highly regarded:
    • Experience in web application penetration testing.
    • Experience in working with software developers to advise on security controls and requirements.
    • Experience in vulnerability management or threat intelligence capabilities.
    • Experience with common information security management frameworks, standards, principles, and processes (OWASP, CIS, SANS, ISO, NIST etc.)
    • Relevant security certifications (CISSP, GIAC, Security+, CEH, OSCP etc.)

Don’t let a confidence gap get in the way of submitting your application. We’d love to hear from you and see if this could be a great match.

What we offer:

  • Work with the latest technologies in the market
  • Study allowance and paid learning days
  • Join a team of passionate, diverse and talented Engineers
  • Career development opportunities
  • Flexibility (remote work on offer)
  • Highly competitive incentive scheme
  • Volunteer leave & paid parental leave
  • Team and company wide social events
  • A chance to be a part of one of Australia’s fastest scaling tech organisations

Check out our benefits and policies on Work180

Why Prospa?

We embrace diversity in our people and our thinking and provide a collaborative, inclusive, innovative and respectful environment. We celebrate who you are and actively provide our employees the same great experience we provide our customers.

It’s super exciting every day. Always moving. Always something new around the corner. And we’ve only just cracked the surface.

Open the door. Feel the buzz. Want in?