Senior Security Engineer at PaperCut Software

Melbourne, Victoria, Australia -

Full Time

Start Date

Immediate

Expiry Date

02 Jun, 26

Salary

200000.0

Posted On

04 Mar, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Java, Go, React, TypeScript, SDLC, Threat Modeling, Secure by Design, GCP, AWS, ISO27001, SAST, DAST, SCA, Code Review, Containerised Workloads, Mentoring

Industry

Software Development

Description

Job Description Location: Melbourne Team: Business Systems & Security Reporting to: Head of Business Systems & Security The PaperCut Story At PaperCut, we believe two things: great code can change the world, and a great flat white can change your morning. Now, let's be honest, "print management" doesn't usually make people leap out of their chairs. But here at PaperCut, we’ve turned the most boring part of IT into one of the most exciting and impactful jobs in tech. How? Simply put, our code saves trees! We’re a BCorp-certified company on a mission to make our customers' printing waste-free, easy, and secure. With a global footprint spanning 195 countries and 140 million end users, we are a true Australian success story moving forward into the cloud, SaaS, and beyond print. What you’ll actually be doing Influencing without Hierarchy: You’ll work across our diverse tech stack (Java, Go, React, TypeScript etc.), across the organisation, to ensure security is baked into the SDLC from day one. The Helpful Expert: You’ll be the person developers want to talk to. You’ll help them run threat models for new features and coach them on writing code that is secure by design. Modern Cloud Security: You’ll take ownership of securing our global SaaS offerings (along with the DevSecOps team), focusing primarily on Google Cloud Platform (GCP) with some exposure to AWS. Technical Compliance: You’ll work with our Legal team to ensure we meet ISO27001 and other standards, not by filling out spreadsheets, but by building the technical controls that make those standards a reality. Scaling the Practice: You’ll help us select and tune the right mix of SAST, DAST, and SCA tools to keep our pipelines fast and our code safe. What you bring to the table Deep Technical Roots: You’ve spent time in the weeds of information security and are comfortable reading and reviewing code. The "Uplift" Mindset: You measure your success not by how many tickets you open, but by how much more secure the engineering teams become because of your guidance. Cloud Fluency: You have a strong understanding of GCP or AWS and how to secure containerised workloads at scale. Ambition to Lead: You aren't looking for a "Lead" role just yet—you want to stay hands-on while developing the skills to lead a practice and mentor other engineers. Why Join PaperCut? Values-Driven: We’re guided by our values: Caring, Honest, Intelligent, and Nimble (CHIN). They aren't just posters; they’re how we build products and treat each other. Melbourne Born & Bred: We are a true Australian success story, still owned and run by our founder right here in Melbourne. Share the Success: We offer all permanent employees a Share the Success bonus, ensuring that when the company thrives, our people do too. Real Impact: PaperCutters are involved in strategic decisions through collaborative leadership groups. We respect expertise and give you the autonomy to build. Generous Leave: Including up to 18 weeks of parental leave and a genuine commitment to Diversity, Equity, Inclusion, and Belonging. The PaperCut Pledge Ghosting is for Halloween. As a proud 2026 Circle Back Initiative Employer, we commit to responding to every single applicant. Our hiring process is designed to be enjoyable, thorough, and fair, allowing you to show the best version of yourself. Ready to trade your old code for code that saves trees? Apply now—the first coffee is on us! Currency: AUD Department: Business Systems & Security Salary Max.: $200,000 Salary Min. : $180,000 Compensation: AUD 180000 - AUD 200000 - yearly

Responsibilities

This role involves ensuring security is integrated into the Software Development Life Cycle (SDLC) across the organization's diverse tech stack, acting as an expert to coach developers on secure coding practices. The engineer will also take ownership of securing global SaaS offerings, focusing on Google Cloud Platform (GCP), and building technical controls to meet compliance standards like ISO27001.