About Airwallex

Airwallex is the only unified payments and financial platform for global businesses. Powered by our unique combination of proprietary infrastructure and software, we empower over 100,000 businesses worldwide – including Brex, Rippling, Navan, Qantas, SHEIN and many more – with fully integrated solutions to manage everything from business accounts, payments, spend management and treasury, to embedded finance at a global scale.

Proudly founded in Melbourne, we have a team of over 1,500 of the brightest and most innovative people in tech located across more than 20 offices across the globe. Valued at US$5.6 billion and backed by world-leading investors including Sequoia, Lone Pine, Greenoaks, DST Global, Salesforce Ventures and Mastercard, Airwallex is leading the charge in building the global payments and financial platform of the future. If you’re ready to do the most ambitious work of your career, join us.

About the Team

Our Information Security Team are a critical part of the ongoing growth and success of Airwallex Globally. This team proactively identifies key information and technology risks for the organisation, as well as designing and delivering preventative mitigation strategies to protect Airwallex and it’s customers.

What you’ll do

This is a highly dynamic and autonomous role where you will be a highly trusted member of the Information Security team as well as working closely with senior leadership regarding regulatory compliance, data privacy and other aspects of financial risk and governance.

This role requires looking at risk and compliance as a problem to solve, rather than a function and requires experience in designing and implementing GRC related projects, including developing and managing policies and standards related to the security of our networks, systems and applications.

Responsibilites include:

• Evaluate risks and co-develop security standards and policies to manage InfoSec risks

• Develop guidelines, checklists and other resources to help non-technical employees understand InfoSec requirements

• Co-develop and maintain reporting metrics, dashboards and evidence artefacts for internal reporting and risk

• Provide support to all stakeholders on internal and external audits, third party vendor and partner reviews, and regulator questionnaires

• Perform internal and external security risk and exceptions assessments, identifying gaps and risks

• Whilst they don’t directly report to you, you will provide leadership and guidance to the more junior members of the team

Who you are

We’re looking for people who meet the minimum qualifications for this role. The preferred qualifications are great to have, but are not mandatory.

Minimum qualifications:

• 8+ years of experience in the same or a similar role, with 3+ years of that in a financial services, payments and/or fintech business

• A high level of InfoSec and technical experience, giving you strong familiarity with InfoSec concepts and best practices

• Deep knowledge of compliance, regulatory and control frameworks (PCI-DSS, ISO27001, SOC2 and similar)

• An understanding of cloud platform and app security

• A passion for solving the complex challenges of high-growth startups

• Experience in Risk Management including the design and implementation of processes to identify, manage and mitigate information security risks

• Working knowledge of and experience in the policy and regulatory environment of information security

• Technical experience in cybersecurity operations to understand, incorporate and communicate technical aspects into the role

Preferred qualifications:

• MSc in Information Security or similar computer science or engineering qualifications

• CISSP, CISA, CISM

Equal opportunity

Airwallex is proud to be an equal opportunity employer. We value diversity and anyone seeking employment at Airwallex is considered based on merit, qualifications, competence and talent. We don’t regard color, religion, race, national origin, sexual orientation, ancestry, citizenship, sex, marital or family status, disability, gender, or any other legally protected status when making our hiring decisions. If you have a disability or special need that requires accommodation, please let us know.

Airwallex does not accept unsolicited resumes from search firms/recruiters.  Airwallex will not pay any fees to search firms/recruiters if a candidate is submitted by a search firm/recruiter unless an agreement has been entered into with respect to specific open position(s).  Search firms/recruiters submitting resumes to Airwallex on an unsolicited basis shall be deemed to accept this condition, regardless of any other provision to the contrary.