Lendi Group is a market-leading digital platform business focused on transforming the home loan industry. It operates the country’s #1 retail mortgage broker – the iconic Aussie Home Loans franchise – and the Australia’s #1 digital mortgage brand, Lendi.

Together, with its national network of 1,300 brokers and 230 retail stores, the Lendi Group brands give all Australians the power of choice, and confidence, in one of life’s biggest financial decisions.

Building on this market-leading foundation, Lendi Groups vision is to be the undisputed place for Australians to buy and own property through our new Aussie Homes propositions.

Lendi Group’s loan book is more than $100b and it was named Australia’s Aggregator of the Year for 2024

Diversity, Equality, and Inclusion are fundamental to the success of Lendi Group. We’re passionate about fostering an environment where our team members feel valued and supported and we celebrate everyone’s unique identity.

To learn more about life at Lendi Group check out our blog: https://www.lendi.com.au/inspire/category/life-at-lendi/

About the role:

The Security Engineer is a valued member of our engineering team. We value evidence-backed opinions and offer the opportunity to play an integral part in shaping engineering rhythm, culture, and processes across planning, architecture and design, coding, deployment, and support.
In an ever-changing environment, Lendi Group is leading the charge in developing industry-first technology designed to offer Australian homeowners transparency, simplicity, and convenience in their home loan experience.
The Security Engineer partners with engineering teams to evaluate planned changes, minimise security risk, and continuously improve our security posture. A key focus of the role is driving vulnerability and security findings down over time, improving security standards, and embedding secure-by-default practices across both traditional and AI-enabled systems.

• Working closely with the Cyber Security team to ensure security principles are consistently applied across the engineering environment.
• Collaborating and coding with engineering teams to uplift secure development practices and reduce recurring security findings.
• Designing, building, and maintaining secure cloud and microservice solutions.
• Improving security posture through effective use of COTS products, platform controls, and network infrastructure.
• Vulnerability and Threat Management — monitoring and assessing assets including cloud infrastructure, containers, packages, APIs, and requests, with a focus on remediation and measurable risk reduction.
• Supporting the secure design and operation of AI-enabled systems, including LLM integrations, automation agents, and MCP-based architectures.
• Implementing and reviewing AI security guardrails such as access controls, data protection, prompt-injection mitigation, and output validation.
• Collaborating with cross-functional teams including engineering, operations, compliance, data, and AI platform teams.
• Contributing as an individual contributor within a cross-functional DevOps / SecOps team.
• Build or integrate services to improve security and compliance

The ideal candidate is passionate about promoting a security-first culture and has a strong, current understanding of security best practices, with particular focus on cloud security, secure design, incident handling, and operational resilience.
Experience securing microservices in cloud environments and working with configuration-as-code is important for this role. Experience securing AI-driven systems, including LLM-powered services and internal automation, is highly regarded.
Strong communication skills are essential. We value engineers who can clearly communicate risk, trade-offs, and remediation paths, and who approach collaboration with empathy for engineering challenges.

Key Skills

• Strong understanding of networking, infrastructure, and applications from a DevOps perspective with a security focus.
• Hands-on experience implementing and maintaining security controls across cloud environments (particularly AWS) and access management solutions (e.g. Auth0).
• Experience with security logging, monitoring, and vulnerability assessment, with a demonstrated ability to drive findings down and improve baseline security standards.
• Passion for secure coding practices and identifying common implementation and operational security risks.

Desirable Experience

• AWS technologies such as CloudFormation, Terraform, IAM, WAF, Node.js and/or TypeScript.
• Docker, containerised environments, serverless architectures, and Kubernetes.
• Event-driven systems.
• Securing AI platforms, including LLM integrations, MCP implementations, AI guardrails, and automation/build agents.

Lendi Group teams operate across Australia and the Philippines. We’re committed to creating a new era of seamless connection in property finance by changing the way Australians experience property lending, for good.

A few of the benefits that our people rave about include:

• A vibrant, relaxed, yet professional culture
• Holistic wellbeing programs offering 24/7 support, including medical, mental health, and financial wellbeing services to enable our workforce to thrive at home and work
• Generous Paid Parental Leave: we celebrate our growing Lendi Group family with 18-26 weeks leave for primary carers and up to 4 weeks for secondary carers
• An additional week’s Loyalty Leave each year after reaching 3 years of service
• Wellness initiatives with a strong focus on psychological safety
• Social groups such as our industry-leading Women in Technology group.

Our culture is guided by our 3 core values: We Are Stronger United; Act Like You Own It; and Keep Home Loans Human. Our values are part of our core DNA that helps Lendi Group to attract, engage and evolve the right talent and build best-in-class products.

Feeling like you don’t meet all the skills listed? That’s ok; we are always on the lookout for different skills, experience, and qualities and so we’d still like to hear from you.

#lendigroup #LI-GR2 #LI-hybrid