Endpoint Security Engineer

• Innovate with cutting-edge technology tools, and world-class engineers.
• Collaborate in an open, inclusive, and future-focused work environment.
• Grow through limitless learning and professional development opportunities.
• Connect with flexibility, whether WFH or at our modern, centrally located tech campuses.

See yourself in the Team

The Secure Desktop Engineering team are at the forefront of delivering secure, seamless, and high-performing desktop experiences for every employee across CommBank. As part of the broader End User Experience (EUX) function, the team play a vital role in protecting the organisation’s digital workplace through robust endpoint security, modern engineering practices, and continuous innovation.

From deploying enterprise-wide security solutions such as Microsoft Defender and Sentinel, to embedding CIS benchmarks and zero-trust principles into our desktop fleet, they design, build, and maintain the platforms and tools that ensure our desktops are not only productive but also resilient against evolving cyber threats.

If you’re passionate about security, thrive in a collaborative environment, and want to help shape the future of secure work, this team is for you.

Your Role

As an experienced Endpoint Security Engineer, you’ll lead the implementation and ongoing management of Microsoft’s suite of security tools, ensuring our users are protected - Wherever they work.

You’ll bring deep expertise in Microsoft Cloud App Security (MCAS), Microsoft Sentinel, Windows Defender, and cyber security standards to implement and manage controls that protect the organisation’s digital assets.

Whether it’s automating patching pipelines, integrating telemetry for proactive threat detection, or enabling secure remote access, you’ll work closely with colleagues in Cyber Security, Infrastructure Engineering, and Workplace Technology to deliver proactive solutions and embed security as a foundational element of the user experience. To achieve this, you may expect to:

• Implement, configure, and manage Microsoft Defender for Endpoint, Sentinel, Defender for Cloud Apps (MCAS), and 365 Defender for comprehensive threat detection, response, and reporting
• Integrate and configure CoPilot for Security, ensuring alignment with defined use cases
• Establish and enforce policies through Microsoft Intune, including device compliance and conditional access
• Deploy and maintain security baselines and attack surface reduction rules
• Manage Windows Autopilot provisioning workflows for secure device deployment
• Work with Entra ID (Azure AD) to manage identity protection, MFA, and role-based access controls
• Collaborate across internal teams to align endpoint security with user experience and operational goals
• Develop and maintain documentation, security standards, and architectural guidance
• Lead continuous risk assessments, control improvements, and compliance with cyber standards such as CIS

You Skills and Experience

We’re seeking an experienced endpoint security engineer with strong Microsoft Security expertise, particularly in Threat Detection and Response. The ideal candidate will bring a strong mix of technical depth, security mindset, and a commitment to effective collaboration. Success in this role will require:

• Hands-on experience with Microsoft Defender for Endpoint, Defender for Identity, Defender for Cloud Apps (MCAS), and Microsoft Sentinel
• Proficiency in Microsoft Intune for device compliance, conditional access, and policy enforcement
• Familiarity with CIS benchmarks and Zero Trust principles
• Strong scripting skills in PowerShell and experience with KQL for threat hunting
• Exposure to CI/CD pipelines and automation of security tasks
• Understanding of cloud platforms (Azure, AWS, or GCP) and endpoint security in hybrid environments
• Experience with EDR, SIEM, and incident response workflows, including reporting and remediation
• Ability to work cross-functionally with engineering, cyber, and infrastructure teams
• Strong documentation and stakeholder engagement skills
• Certifications such as Microsoft Certified: Security, Compliance, and Identity Fundamentals, CISSP, or CISM are advantageous but not essential

Working with us

Whether you’re passionate about customer service, driven by data, or called by creativity, a career with CommBank is for you. Our people bring their diverse backgrounds and unique perspectives to build a respectful, inclusive, and flexible workplace with flexible work locations. One where we’re driven by our values, and supported to share ideas, initiatives, and energy. One where making a positive impact for customers, communities, and each other is part of our every day.

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.