Software Engineer

Summary

Join Employment Hero's product-security squad as a pioneer Software Engineer (Fraud & Abuse) and leverage your full-stack engineering skills and adversarial mindset to protect millions of employee records. You will analyze competitor defenses, map real-world attack paths, and develop countermeasures. Key responsibilities include attack-path mapping, funnel integrity improvements, experimentation and metrics analysis, rapid iteration, stakeholder collaboration, and agile delivery. The ideal candidate possesses 3+ years of professional software development experience, full-stack proficiency, experience with scalable web services, and an AI-first mindset. Bonus points are awarded for experience in fraud detection, abuse prevention, and familiarity with specific tools and technologies. Employment Hero offers a competitive package, flexible location options, and a supportive, low-bureaucracy culture.

Requirements

• 3+ years of professional software development (server-side and RESTful APIs)
• Full-stack proficiency - React (or similar) on the front end, Python, Java, PHP or another OOP language on the back end. You will pick up Ruby with us
• Experience shipping and operating scalable web services
• AI-first mindset - fluent with ChatGPT, v0.dev or similar tools to accelerate ideation, coding and analysis
• Strong understanding of modern engineering practices including automated testing, CI/CD, trunk-based development and agile squad models
• Analytical thinker who can turn messy fraud data into actionable insights
• Clear and persuasive communicator able to translate technical findings into risk, customer impact and business value

Responsibilities

• Attack-Path Mapping - Re-create real scam workflows end to end to surface choke-points and gaps across our product suite
• Funnel Integrity Improvements - Propose and implement best-practice patterns to counter free-funnel abuse
• Experimentation & Metrics - Design test to balance security friction with conversion
• Rapid Iteration - Monitor emerging attacker tactics, validate detection efficacy and ship counter-measures within days
• Stakeholder Collaboration - Partner with Marketing (site gating), Product POs, CX Ops and Blue-Team SOC analysts to orchestrate smooth roll-outs
• Agile Delivery - Blend BA, product-owner and full-stack engineering responsibilities in a single role, owning problems from discovery through to shipped code

Preferred Qualifications

• Exposure to fraud detection, abuse prevention, threat hunting or product security
• Experience with growth-stage SaaS or high-traffic marketplace products
• Familiarity with Datadog, SIEM, KYC/KYB or WAF tuning

Benefits

• Meaningful scope owning fraud and abuse defences that protect millions of end-users
• Speed and autonomy to ship ideas quickly in a supportive, low-bureaucracy culture
• AI playground with budget and freedom to experiment with cutting-edge generative AI tooling
• Competitive package including base salary and stock options, with a premium band for exceptional candidates
• Flexible location with Sydney HQ, hybrid or remote
• You will work remotely, with the flexibility to own your time and impact
• You will access cutting-edge tools to amplify your work, knowledge and outputs
• You’ll surround yourself with ambitious, outcome-driven colleagues who challenge you to do the best work of your life
• You’ll own ESOP (employee share options) in one of the world’s fastest-growing tech companies
• You’ll also have access to a wide range of benefits that includes - a very generous paternity leave policy, subsidised egg freezing (so you can make the choice that’s right for you, on your terms), a WFH office expense budget, and outstanding learning & development opportunities