Staff Security Engineer - Cloud

• You are a problem solver with strong hands-on background in Cloud Native cyber security.

• You have proficient expertise in cloud native security design with a key focus on AWS products. infrastructure management, system admin/engineering, and DevOps Toolchains. 

• Together we can contribute to protecting the Group, Customers and Community.

Do work that matters:

We're building tomorrow’s bank today, which means we need creative and diverse engineers to help us redefine what customers expect from a bank. Envisioning new technologies that are still waiting to be invented and reimagining products that support our customers and help build Australia’s future economy.

CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.

See yourself in our team:  

The CBA technology unit delivers the best digital banking services to Commonwealth Bank customers and to do so is responsible for digital delivery, group data and analytics, technology and technology infrastructure, cyber, fraud, physical security and business resilience for all divisions across CBA. It is also dedicated to delivering the best workplace technology experience for our over 53.000 people across CBA and focused on providing the latest tools, technology, and resources to enhance the way we work together and empower our people to achieve more for our customers.

The Cloud Security Technology Crew is part of the group’s wider cyber security landscape. This division ensures the delivery of complex security initiatives with a key focus on the

Group’s cloud security offerings across platforms and various systems. Our mandate is to protect the business’ platforms, systems, data, digital assets, and reputation that is interconnected with the organisation’s cloud estate. We also support the Group in developing innovative and market-leading offerings, which are underpinned by security, privacy, and trust.

The Staff Security Engineer is a deep technical subject matter expert driving cyber security outcomes for public cloud platform, specifically in AWS platform and drive automation across the Group.

Your impact and contribution:

• Work on threat modelling and can interpret and understand key cyber controls across the Group.

• Design and implement cloud native security solutions and or vendor products across the wider group.

• Provide guidance to junior colleagues and peers on security concepts and/or contribute to security strategies like patterns, reference architectures etc.

• Contribute and review design and engineering artefacts to ensure the Group’s policies, standards, objectives, regulations, compliance obligations and industry best practices are met.

• Identify security requirements, qualify threats to the IT systems and build countermeasures to minimise cyber risks.

• Ensure security requirements are being met through design and operating effectiveness.

• Facilitate the on-boarding of cyber security capabilities via the consumption of integration specifications and patterns.

• Independently complete security design and threat modelling.

• Drive the development of strategic programs of work, including proof of concept developments.

• Utilise strong understanding of core business and technical strategies to deliver best business outcomes through technical implementation.

• Develop the technical strategy, overseeing medium to complex engineering initiatives.

We’re interested in hearing from people who: 

• Are proficient in implementing security solutions in public cloud specially in AWS essential.

• Have expertise in threat modelling, threat detection, control mapping, vulnerability analysis and risk identification essential.

• Are experienced in securing cloud hosted workloads by contributing in design and building reusable security design patterns essential.

• Hold extensive experience in cloud native security implementation e.g single sing on, Guard Duty, IAM, Network controls etc.

• Have large-scale cloud migration experience highly regarded.

• Have extensive experience in driving security automation

• Are experienced in designing and implementing modern deployment initiatives such as; microservices, web applications, APIs, containerisation, event driven, mobile applications and integration platforms.

• Have exhaustive experience in developing within an API centric consumption/on boarding ecosystem.

Working with us: 

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.