Commonwealth Bank

Staff Security Engineer

Commonwealth Bank  •  Bengaluru, IN (Onsite)  •  2 hours ago
Apply
AI can make mistakes so check important info. Chat history is never stored.

Job Description

Organization: At CommBank, we never lose sight of the role we play in other people’s financial wellbeing. Our focus is to help people and businesses move forward to progress. To make the right financial decisions and achieve their dreams, targets, and aspirations. Regardless of where you work within our organisation, your initiative, talent, ideas, and energy all contribute to the impact


Job Title: Staff Security Engineer
Location: Bangalore

Business & Team:
We're building tomorrow’s bank today, which means we need creative and diverse engineers to help us redefine what customers expect from a bank. Envisioning new technologies that are still waiting to be invented and reimagining products that support our customers and help build Australia’s future economy.
CommBank is recognised as leading the industry in IT and operations with its world-class platforms and processes, agile IT infrastructure, and innovation in everything from payments to internet banking and mobile apps. Cyber Security protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.
The CBA technology unit delivers the best digital banking services to Commonwealth Bank customers and to do so is responsible for digital delivery, group data and analytics, technology and technology infrastructure, cyber, fraud, physical security and business resilience for all divisions across CBA. It is also dedicated to delivering the best workplace technology experience for our over 53.000 people across CBA and focused on providing the latest tools, technology, and resources to enhance the way we work together and empower our people to achieve more for our customers.
The Security Engineering team protects the group and our customers from theft, loss and risk events, through effective and proactive management of cyber security, privacy and operational risk.

Impact & Contribution:

  • Designing and implementing secure solutions that align with group security policies, standards, and reference architecture.
  • Work on threat modelling and can interpret and understand key cyber controls across the Group.
  • Identify security requirements, qualify threats to design the IT systems and build countermeasures to minimise cyber risks.
  • Collaborating with cross-functional teams to drive security outcomes throughout the design, build, and run phases of product development
  • Supporting the adoption of modern scalable and high-velocity security practices, including Secure by Design, DevSecOps, and Automation
  • Contributing to the continuous innovation and re-engineering of existing security engineering practices, including the development of practice strategies, patterns, and processes
  • Staying up to date with the evolving technology landscape and providing expert guidance on security engineering best practices
  • Supporting the response to high-profile security incidents, technology strategy and selection, and automation of security services

Roles & Responsibilities:

  • Provide deep technical hands-on Experience in security engineering, with a focus on design, strategy and implementation of secure solutions.
  • Have strong understanding of security policies, standards, and reference architecture, and expertise in threat modelling, threat detection, control mapping, vulnerability analysis and control engineering risk identification.
  • Are experienced in designing and building reusable security patterns and or solutions.

Essential Skills:

  • 12+ years of experience in Security Engineering with strong expertise in Secure Software Development.
  • Proven experience with Secure-by-Design, DevSecOps, and Security Automation practices (SAST, DAST, IAST).
  • Skilled in designing and implementing enterprise Security Guidelines, Standards, and Practices.
  • Hands-on experience in Secure Design Reviews, Threat Modelling (STRIDE / STRIDE-LM), Secure Code Reviews, and Risk Management.
  • Experience authoring and reviewing security assessments, Security Zone Models, Data Flow Diagrams, Control Objectives, and Residual Risk analysis.
  • Strong understanding of Security Reference Architectures, Security Patterns, and Security Zone Models applied to solution design and reviews.
  • Experience assessing solutions using a Technology Criticality / Risk Rating framework to right-size security controls.
  • Ability to identify control gaps, raise and manage risks, and align solutions to enterprise security policies, standards.
  • Hands-on experience securing Docker, Containers, and Kubernetes environments.
  • Experience with Cloud Security (AWS/Azure), including Cloud Reference Architectures, Workload Placement Patterns, and Native Cloud Service Security Assessments.
  • Experience partnering with Penetration Testing teams to explore and map exploit and attack paths.
  • Familiarity with AI systems (GenAI, LLMs, RAG, AI Agents) and their security considerations, including AI threat modelling and secure AI design.
  • Experience leveraging AI-assisted security tooling (e.g., automated threat modelling, risk generation, and pattern selection) to accelerate secure design.
  • Proven ability to mentor and uplift engineering squads and security champions on secure design and secure coding practices.
  • Familiarity with financial industry regulations and standards such as APRA, PCI-DSS.
  • Preferred certifications: CISSP, CCSP, and CSSLP

Education Qualification:
Bachelor’s degree or master’s degree in engineering in Computer Science/Information Technology

If you're already part of the Commonwealth Bank Group (including Bankwest, x15ventures), you'll need to apply through Sidekick to submit a valid application. We’re keen to support you with the next step in your career.

We're aware of some accessibility issues on this site, particularly for screen reader users. We want to make finding your dream job as easy as possible, so if you require additional support please contact HR Direct on 1800 989 696.

Advertising End Date: 30/08/2026

Commonwealth Bank

About Commonwealth Bank

Australia’s leading provider of financial services including retail, premium, business and institutional banking, funds management, superannuation, insurance, investment and sharebroking products and services.

We are a business with more than 800,000 shareholders and over 52,000 employees. We offer a full range of financial services to help all Australians build and manage their finances.

Connect with us, we'd like to hear from you:

facebook.com/commonwealthbank

twitter.com/commbank

youtube.com/commbank

youtube.com/commbankbusiness

instagram.com/commbank

Our Community Guidelines can be found at:

https://www.commbank.com.au/support/social-networks.html

For information on our Privacy Policy visit https://www.commbank.com.au/support/privacy

Industry
Finance & Insurance
Company Size
10,000+ employees
Headquarters
Sydney, AU
Year Founded
Unknown
Social Media