Staff Security Engineer

Who we are

We're a venture-scaler powered by CommBank. That means we build, buy, and invest in startups that could benefit the bank's 15 million customers and beyond.

Because of what we do, we're really neither corporate, nor startup – instead we're happily navigating the space between both worlds. We're close enough to benefit from the bank's strategy, scale, and stability, but separate enough that we have the autonomy to try new things.

What it's like to work here

We're a community of galvanisers, thinkers, and doers. We have a big, bold vision, which so far no-one has nailed (including us). That excites, rather than deters, us.

We never lose sight of the impact we can have on people's lives, and the role that each of us plays in shaping the bank of the future. We don't take ourselves too seriously and make time to connect to celebrate and grow our people.

At x15, we're guided by three values: Care, courage, and commitment. And what does that mean? We're aware, attuned, and always act to help our people and our customers. We're more than just job titles and we don't hide the human stuff. We lead with grit and grace and do what's right – even if it's hard. And, whatever happens, we always find a way.

Where do you fit?

As a
Staff Security Engineer,
you'll be a technical authority across cyber, fraud and scams security. You'll partner with venture teams, guide security strategy, and lead by doing from threat hunting to building automation into SOC playbooks, to embedding security frameworks across the ventures.

You'll play a pivotal role in shaping how we detect, respond and assure security across multiple ventures while helping us scale our security function in a lean, startup-friendly way.

In this role you will

• Fraud and Scams Defence – Develop and uplift fraud and scams prevention controls across ventures.
• Security Assurance – Build lightweight, effective security assurance programs aligned to NIST CSF and ACSC Essential 8.
• SOC & Threat Hunting – Lead purple team exercises, hunt threats using Microsoft Sentinel and the Defender Suite.
• Automation First – Design and implement automated playbooks, reduce repetitive SOC tasks, and improve detection efficiency
• Architecture & Consultation – Partner with engineers and executives to embed secure design and provide pragmatic security consultation.
• Mentorship – Coach security engineers, share threat-hunting techniques, and uplift team capability.
• Reliability Mindset – Apply site reliability engineering practices to build resilient, observable, and scalable security systems.
• Continuous improvement – Uplift maturity across ventures, lead security assessments and contribute to cross-venture threat models.

We are interested to hear from people who have

• Proven experience in cyber security, fraud and scams prevention.
• Hands-on expertise in Microsoft Sentinel and Defender XDR suite, with real-world threat hunting experience.
• Strong SOC background: incident response, detection engineering, threat hunting.
• Track record of mentoring engineers and building team-wide technical capability.
• Passion for automation-first security operations (SOAR, scripted playbooks, automated remediation)
• Knowledge of NIST frameworks, Essential 8 maturity and threat assessments.
• Strong purple teaming mindset – you can think like an attacker, defend like a blue-teamer, and design like an architect.
• Excellent communication skills: able to consult with product teams risk leaders and executives in plain language.

Desired skills:

• Familiarity with site reliability engineering principles applied to security.
• Experience running or contributing to security assurance programs (e.g. audits, control testing, RCSA).
• Background in fraud detection platforms or scam-prevention tooling.
• Exposure to cloud-native zero trust environments (Azure, AWS, SaaS-heavy).
• Experience working in startup or scale-up environments balancing pragmatism with control maturity.
• Industry contribution (publications, conference talks, regulator/industry working groups).

Why Join Us?

• Enjoy a flexible and dynamic startup environment
• We nurture a safe space for our people to show up as they are
• Competitive salary and bonus structure
• Opportunities for professional growth and development
• Access to the best in class benefits that CommBank offers.

Research shows that people from underrepresented backgrounds sometimes hesitate to apply for roles if they don't meet every requirement. If this is you, don't worry - we still encourage you to apply. We are committed to creating a workplace that supports long-lasting and meaningful careers for everyone, and your unique skills and perspective might be just what we're looking for