Golang Job: Information Security Specialist

• Deliver defensive cyber security services across the Commonwealth Bank
• Provide security insights and expertise using next gen security technologies
• Together we can make a difference to the business and the broader community
  

Do work that matters

The Technology division of CommBank is responsible for the world leading applications of technology and operations across every aspect of the Group. From innovative product platforms for our customers to essential tools within our business. We also use technology to drive efficient and timely processing, an essential component of great customer service.

The Cyber Security team protects the bank and our customers from theft, losses and risk events, through effective and proactive management of cyber security, privacy and operational risk.

See yourself in our team

You will advance the Cyber Defence Operations team mission by directly uplifting our ability to detect and respond to cyber attacks in a timely manner. You will be exploring and mapping out the terrain of adversarial engagements helping the team develop new tactics for the analysis and conceptualization of cyber threats. Through threat hunting activities you will identify patterns of historical activity commensurate with attempted cyber attacks and translate your findings to create a better security outcome for the Group.

Your responsibilities

• Develop hunting hypotheses and use-cases, using OSINT information and insight gathered by the Incident Response, Threat Intelligence, Detection Engineering, Red and Purple teams.

• Develop threat hunting playbooks with contextually relevant information about the queries and other analytics uncovered during the hunt process.

• Contribute to the identification or development of automation opportunities that aid in the simplification and integration of Threat Hunting processes.

• Execute hunts, validate findings, develop threat hunting playbooks and clearly communicate identified control gaps and detected adversary activity to the appropriate teams.

• Triage vulnerabilities and high risk threat actor activity identified by CBAs intelligence team, red-team, purple-team, verify their criticality, and feed the results back into the Threat Hunting prioritization process, to ensure CBA is protected against those threats.

• Collate performance metrics to track hunt missions and drive continuous improvement of existing hunts, and make recommendations to close gaps identified in our security control systems.

• Work in collaboration with other teams in Cyber Defence Operations with a proactive mindset in order to develop common ground and synergistic approaches that help uplift CBA's defensive stance.
  

What you will need to succeed

• Demonstrable technical, hands-on experience investigating real world cyber attacks in various environments, both on premise and cloud

• Have a background in SOC, DFIR, Cyber Detection Engineering or Penetration Testing

• A strong focus on making work metricated and visible

• Working knowledge of adversarial cyber frameworks (like MITRE ATT&CK), the forensic artefacts relevant in attack scenarios and how to obtain that evidence from the available technologies in CBA’s environment

• Exposure to one or more of the following scripting languages: Python, Powershell, C#, Golangs

• Exposure to working with Agile and/or DevOps principles

• Experience developing (or contributing to the development) of automated detection logic

• Exposure to the analysis of large data sets at scale (with a focus on efficiency)

• A holistic view on the business value of a threat hunting program beyond “finding bad things"