Ezypay is an award-winning fintech company that specialises in processing subscription and recurring payments. Since 1996, Ezypay has helped local Australian and New Zealand businesses generate revenue and settle complex financial scenarios with repeat customers the easy way. To date, Ezypay has processed over $3 billion worth of subscription payments. Our cloud-based payment platform offers a suite of easy-to-use subscription management services to process recurring direct debit payments across multiple sites, multiple payment methods, and multiple currencies. Core features include generation and automation of dynamic subscription plans, omni-channel customer sign-ups, scheduled payments, invoicing, failed payment handling, and reporting. Ezypay’s modern cloud-based architecture runs in a secure AWS environment and has a suite of open APIs for software integration partners to leverage the billing platform as part of their own offering. Use it as stand alone solution or integrate it into your existing business software. With offices in Australia, New Zealand and Malaysia, generating recurring revenue globally becomes easy. Ezypay currently processes payments in 9 countries across the Asia Pacific region (Australia, New Zealand, Malaysia, Singapore, Philippines, Hong Kong, Taiwan, Thailand and South Korea) and is continually expanding. We're the easy choice for taking recurring payments. Currently collecting subscription payments in: *Australia *New Zealand *Malaysia *Singapore *The Philippines *Hong Kong *South Korea *Taiwan *Thailand

Job description

About the role:

As a Senior Security Analyst at Ezypay, you directly contribute to and shape Australia’s leading recurring payments and subscription billing API. The product supports the definition of payment plans and collections using multiple payment methods.

As a Senior Security Analyst with Ezypay, you will:

Maintain PCI Compliance: Ensure that all systems and processes comply with the Payment Card Industry Data Security Standard (PCI DSS).
Security Monitoring: Continuously monitor network traffic and system logs for unusual activity, potential threats, and vulnerabilities.
Vulnerability Assessments: Conduct regular vulnerability assessments to identify and mitigate security risks within the organization’s systems and infrastructure.
Penetration Testing Support: Collaborate with and support external partners who perform penetration testing, ensuring they have the necessary access and information.
Policy Development: Develop and enforce security policies and procedures to ensure compliance with PCI DSS and other relevant regulations.
Security Awareness Training: Educate engineers on security best practices and PCI compliance requirements.
Blue Team Activities: Participate in blue team exercises to improve the organization’s defensive capabilities against cyber threats.

Requirements

5+ years in a similar role
Bachelor’s Degree in Computer Science, Software Engineering or relevant Information technology industry experience.
Experienced in PCI or ISO 27001
Understanding of security best practices (software and systems)
Linux administration experience on cloud infrastructure
Good understanding of software and systems architecture
Experience programming in at least one compiled or interpreted language (Java, .Net, Python, Bash, Powershell etc.)

Benefits