Life at Webjet
The Webjet Group offers online travellers unmatched convenience and choice with our top digital travel brands (Webjet OTA & GoSee). Our innovative technology (Trip Ninja) further enhances the booking and transaction process, making it even better! We empower our customers to compare, combine and book the best flight deals – whether you’re travelling domestically or internationally. But we don’t stop there, Webjet is a one-stop shop for all things travel! We have your accommodation, packaged holiday deals, tours, travel insurance and car hire (worldwide!) sorted. Our team is based in Melbourne and we support our team’s work-life balance through a Hybrid working model. We’ve taken a company-wide approach to office days, bringing the team in Tuesday and Wednesday for collaboration, fun events and food!
Job Description
Webjet strives to be at the leading edge of technology, developing solutions to meet the travel needs of our customers. We have evolved our architecture into cloud native microservices hosted on Azure. Our product focused delivery teams are self-contained and have end to end ownership of their product. “You build it, you ship it, you own it”, is core to the Webjet way.
We are on the hunt for an Application Security Engineer to join our growing Group Security team here at Webjet. This is a wide-ranging role that covers a set of key responsibilities including managing our cloud security, project risk assessments, understanding key security risks to the business and working with our stakeholders and development teams to put appropriate controls in place to mitigate these security risks.
Desired Skills and Experience
In this role, you'll be tasked with:
- Understanding our internal threat landscape and work with relevant teams to mitigate related risks.
- Supporting and collaborating with development and platform engineering teams in building security into DevOps processes.
- Championing our vulnerability management program to understand key weaknesses to the business and help tune these controls.
- Collaborating with development teams to investigate security alerts raised and track through to remediation.
- Championing our security review process by performing risk assessments for new technical projects and enhancements to understand key risks and appropriate mitigations to the business.
- Working closely with our key stakeholders to ensure they understand their environment and business processes to identify key security risks and provide advice on what appropriate controls could be implemented to reduce our exposure to risk.
- Supporting the audit function within the team to ensure we are operating to internal and relevant industry standards.
What we love to see:
- Demonstrated commercial experience within a Cybersecurity role
- Prior experience with Web Development and Software Engineering with C#, GoLang, Python or other languages
- Experience with hardening and security of Linux operating system
- Hands-on technical security/penetration testing for Web applications
- Experience with security related architecture & code reviews and security assurance activities
- Knowledge of OWASP top 10 and relevant controls.
- Experience with cloud technologies in Azure or AWS.
Why Webjet?
- We thank our team with an annual $250 Webjet gift card, free travel insurance and discounted travel across the Webjet offering via webjet.com.au
- An annual hackathon that the whole company gets involved in, ideas born on our Hackdays often make it into production and the winner needs to be in production within 12 months!
- An extensive events calendar, when we say we’re fun – we mean it.
- We support you through one of life’s biggest moments, providing up to 12 weeks of paid primary leave and 2 weeks of secondary carer leave.
- Have a big trip planned or thinking of school holidays? We offer purchased additional annual leave!
Want to learn more? Check out our social media pages below and keep in touch:
Successful candidates joining Webjet are required to undergo a National Police Record check and must have full-time Australian working rights on an ongoing basis.
No Recruitment Agency candidates will be accepted at this time.