AddressYou are a problem solver with a strong background in cyber security, technical risk and threat modelling.
We are one of the best and most advanced Cyber Security teams in Australia.
Together we can contribute to protecting the group, its customers and community.
Your business:
The Technology division delivers the Group's information technology and banking operations functions to ensure the highest levels of customer service through world-class process excellence and technology innovation. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.
We support our people with the flexibility to balance where work is done with at least half your time each month connecting in office. We also have many other flexible working options available including changing start and finish times, part-time arrangements and job share to name a few. Talk to us about how these arrangements might work for you.
Your new team:
Group Technology is responsible for the world-leading application of technology and operations across every aspect of the bank, from innovative product platforms for our customers to essential tools within our business. We also use technology to drive efficient and timely processing, an essential component of great customer service.
The Security Engineering team protects the group and our customers from theft, loss and risk events, through effective and proactive management of cyber security, privacy and operational risk.
Your impact and contribution:
As the Senior Security Engineer, you are responsible for the end-to-end delivery and design across a variety of cyber security initiatives, projects and uplifts. You will be able to work with new and exciting technologies, while making a significant impact through hands-on design, architecture and delivery, all while working across a large-scale security landscape.
The role's main focus will be working across a number of business domains (specifically Business Banking and Payments) and being responsible for providing end to end security outcomes as part of the SDLC lifecycle. This may include providing security design artefacts, threat modelling and offering advice and support across technical risk and security analysis.
You will also:
Be part of the Practice Innovation Taskforces to contribute to the strategic direction of Security Engineering and drive security as part of the end-to-end delivery process.
Contribute to making sure security is embedded as part of the business.
Have the ability to interpret and understand key cyber controls across the group.
Secure business capabilities through consulting, contribution, and integration of security services.
Providing guidance to juniors and peers on security concepts and/or contribute to security strategies like patterns, reference architectures etc.
Contribute and review design and engineering artefacts to ensure the group's policies, standards, objectives, regulations, compliance obligations and industry best practices are met.
Identify security requirements, qualify threats to design and build countermeasures to minimise cyber risks.
Ensure security requirements are being met through design and operating effectiveness.
Facilitate the on-boarding of cyber security capabilities via the consumption of integration specifications and patterns.
We are interested in people who:
Will bring experience across cyber Security Engineering and design, having previously worked across a similar large-scale business environment. You are proficient in managing cyber threats and security risk while influencing, designing and implementing new and modern deployment initiatives.
You will bring:
Proficiency in threat modelling, DevSecOps and control engineering.
Solid understanding of cryptographic principles and Identity and Access Management (IAM).
Experience in designing and implementing modern deployment initiatives such as; microservices, web applications, APIs, containerisation, event driven, mobile applications and integration platforms.
Experience in developing within an API centric consumption/on boarding ecosystem is highly regarded.
Proficiency in implementing cloud native security solutions in AWS preferred but not limited to.
Experience in Payment services - PCI-DSS, SWIFT and NPP and or Cryptography - PKI, Keys are highly desirable but not essential.
If this role is of interest to you, please apply directly or reach out to have a confidential discussion in more detail.
If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We're keen to support you with the next step in your career.
We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.
Advertising End Date: 02/03/2024
