About Zai
Zai was born from the April 2021 merger of Assembly Payments and CurrencyFair. We are boldly transforming the future of financial services and powering our customers by making innovative financial services accessible to all.
Assembly Payments, founded in 2013, has been one of the fastest growing fintechs in Australia, with a presence in Singapore, India, Philippines and the US. Specialising in building automated payment workflows, with APIs, to reduce the complexity of running both traditional and digital-native businesses.
CurrencyFair, founded in 2010 and with offices in Ireland, UK, Hong-Kong, Singapore & Australia, is a global cross-border payments fintech that serves individuals and businesses with international payments and currency exchange through its proprietary global platform.
The Zai brand focuses on mid-market and enterprise-level business customers in the world of integrated financial services, including payments, FX, fraud management, reconciliation and more. While the CurrencyFair brand continues as the home for consumers and small businesses who want faster, cheaper foreign exchange.
Zai has over 170 employees, growing to 450 by 2025 and we are now expanding our presence across APAC, Europe, the Middle-East, and the US. We are looking for skilled, motivated and passionate people who want to be part of the next generation of financial services.
The Role & Key Responsibilities
- Work closely with multiple security teams providing expertise on design, implementation, and guidance on security tools.
- Be responsible for assessing tools and technology that support access, crypto, data loss prevention, and cloud solutions.
- Level up and lead our approach on design, Infra as Code, automation, and DevOps
- Be a champion for security knowledge and education across our teams and broader Zai
- Work closely with product and architecture on long term plans and strategies around tools and technology
- Support and collaborate security requirements across teams building and developing Zai products.
- Interact with security customers and leadership on threats and vulnerabilities.
- Be a champion for security with our customers and teams across Zai
- Help mentor engineering teams and further our knowledge through continual learning.
- Stay informed and work on solutions for emerging threats, vulnerabilities, and new controls and around security posture.
What we offer in return
- Global market exposure in an agile organization where your ideas and contributions will have a strong impact on the company’s growth and success.
- A company culture with an innovative, inclusive & collaborative mindset where you will learn and grow alongside high calibre talented professionals.
- A collaborative and flexible work environment. Enjoy a hybrid work environment with the opportunity to work remotely or in our offices in Melbourne, Sydney, Singapore, Hong Kong, Dublin, India and Manila.
- Competitive salary packages & benefits while ensuring consistent professional development and opportunities.
Essential Skills & Experience
- Bachelor’s degree in Computer Science/Engineering/Information Security or equivalent work experience
- Minimum 8 years of on the job application security experience
- Strong experience with Python, Swift, Android and Java secure development
- Deep, demonstrable expertise in:
- Identifying and resolving OWASP Top 10 vulnerabilities
- Threat modelling in an Agile environment
- Cryptography implementations
- Authentication and authorization schemes
- Technical monitoring, troubleshooting, impact determination, and problem-solving
- Ability to perform technical risk assessments, evaluate Static Application Security Testing (SAST) tool results, triage security testing results and manage security response actions.
- Self-starter, able to work with a mix of technical and non-technical clients
- Strong documentation skills are a must.
Preferred Skills & Experience
- Experience with financial industry security governance, including PCI DSS, SOC2 and state regulations
- Experience using Burp Suite, Zap, Arachni, or other Dynamic Application Security Testing (DAST) tools for both manual and automated testing
- Experience in software development using Python, Java or other languages.
We know the confidence gap and imposter syndrome can get in the way of meeting spectacular candidates. Please don't hesitate to apply.
Our Equal Opportunity Employer Commitment
Zai is an equal opportunity employer committed to creating a diverse environment for its workforce. All qualified applicants will receive consideration without bias to education, race, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability or age.
If you require any specific assistance or a reasonable adjustment due to a disability please let your recruiter know as part of your application and we will be happy to provide dedicated support.
