Senior Security Engineer
Help embed secure-by-design and DevSecOps practices across the technology delivery lifecycle.
Build reusable security patterns, guardrails and automation that make secure delivery easier for engineers.
Contribute to Group Security’s purpose of safeguarding a brighter future for all by securing the bank and protecting customers.
Do work that matters:
As a Senior Security Engineer, you’ll help shape how security is embedded into modern engineering practices across the Group.
This role sits at the intersection of security architecture, security engineering, artificial intelligence-enabled risk assessment and DevSecOps transformation. You’ll help simplify the adoption of security capabilities by developing reusable security patterns, automating security controls and enabling secure outcomes throughout the Software Development Lifecycle.
You’ll work closely with engineering, architecture, platform and cyber security teams to modernise security delivery through automation, AI and GenAI integration, threat modelling and scalable security design practices.
This is a hands-on engineering role where you’ll build capabilities that help teams deliver safely, quickly and with less friction.
See yourself in our team:
Group Security is part of Technology and brings together capabilities across Group Security Office, Group Cyber Security, Protective Security and Business Resilience, Group Fraud Technology, Group Fraud Management Services and Cyber Defence Operations.
The team works to safeguard a brighter future for all by securing the bank, protecting customers, recovering from the bad day and creating an amazing and admired place to work.
You’ll be part of a team focused on creating a cyber-secure organisation through intelligent governance, protection, detection, response, recovery and resilience.
The Security Design Centre of Excellence plays an important role in enabling secure-by-design practices, DevSecOps adoption, reusable security patterns, automated risk assessment and security guardrails that can be consumed by engineering teams across the organisation.
In this role, you will:
Lead security design reviews, architecture assessments and threat modelling activities for strategic technology initiatives.
Develop and maintain enterprise security patterns, reference architectures, standards and guardrails.
Design and implement automation for security risk assessments, control validation and continuous assurance.
Embed security controls into Software Development Lifecycle and CI/CD pipelines to support secure delivery at scale.
Apply cloud and platform security expertise to design secure cloud-native solutions and automated compliance controls.
Build secure APIs, integrations, data pipelines and security visualisation capabilities using modern engineering practices.
Partner with cyber security, architecture, engineering and platform teams to improve developer experience and security outcomes.
Mentor engineers and security practitioners in secure design, DevSecOps and threat modelling practices.
We’re interested in hearing from people who have:
Experience in security engineering, security architecture, security design, DevSecOps or a related field.
Strong experience with security architecture, threat modelling and technical risk assessment.
Practical experience implementing secure-by-design and DevSecOps principles in complex technology environments.
Experience automating security controls, assessments, governance processes or continuous assurance activities.
Hands-on experience with cloud platforms, Infrastructure as Code, CI/CD tooling, containers or platform engineering.
Programming experience with languages such as Python or TypeScript, plus experience building APIs or integrations.
Familiarity with threat modelling and security frameworks such as MITRE ATT&CK, OWASP, NIST or STRIDE.
A collaborative and outcome-focused approach, with the ability to influence security decisions across engineering and technology teams.
Working with us
At CommBank, we're committed to creating an accessible, inclusive and respectful workplace. If you require support or adjustments, please let us know. We welcome applications from people of all backgrounds and we're particularly committed to making a positive difference for Aboriginal and/or Torres Strait Islander Peoples. For support please contact 1800 989 696.
If this sounds like the right next step for you, apply now. We’d love to hear from you.
If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.
We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.
Advertising End Date: 29/07/2026