Let’s introduce ourselves
We’re a venture-scaler powered by CommBank. That means we build, buy, and invest in start-ups that could benefit the bank’s 15 million customers and beyond.
Because of what we do, we’re really neither corporate, nor start-up – instead we’re happily navigating the space between both worlds. We’re close enough to benefit from the bank’s strategy, scale, and stability, but separate enough that we have the autonomy to try new things.
What it’s like to work here
We’re a community of galvanisers, thinkers, and doers. We have a big, bold vision, which so far no-one has nailed (including us). That excites, rather than deters, us.
We never lose sight of the impact we can have on people’s lives, and the role that each of us plays in shaping the bank of the future. We don’t take ourselves too seriously and make time to connect to celebrate and grow our people.
At x15, we’re guided by three values: Care, courage, and commitment. And what does that mean? We’re aware, attuned, and always act to help our people and our customers. We’re more than just job titles and we don’t hide the human stuff. We lead with grit and grace and do what’s right – even if it’s hard. And, whatever happens, we always find a wa y.

WHERE WOULD YOU FIT?

We are looking for a Security Operations Engineer to support x15 and its portfolio of ventures, which includes financial technology brands such as TruYu, Kit, Credit Savvy, Home-In and Doshii. In this role you will work under the guidance of our security operations lead, to build out our security operations capability based on Sentinel to support heterogenous workloads across both Azure and AWS.
This will involve aggregating data sources, building intelligent detections tuned to each business, and performing a full range of blue team duties that includes incident response and remediation. In this role you will report to the Lead SecOps Engineer. You will contribute to the cyber security program for x15 and all its ventures and be responsible for key security deliverables across our portfolio as we grow and innovate.

EXPERIENCE

• Tertiary qualifications in a relevant field would be highly regarded
• Experience with managing SIEM/SOAR platforms such as Microsoft Sentinel, Splunk or other similar platforms
• 2-3 years’ experience in a security operations or security engineering role
• Experience with endpoint security, vulnerability management and data loss prevention tools.
• Ability to solve complex problems and communicate / document solutions
• Excellent communication and interpersonal skills to collaborate and influence a diverse range of stakeholders

DESIRED SKILLS:

• Experience with automation and scripting languages such as Python, PowerShell, or Bash
• Experience/Knowledge of Azure and AWS cloud technologies
• System engineering or network engineering skills
• Proactive approach and passion for information security
  Research shows that people from underrepresented backgrounds sometimes hesitate to apply for roles if they don’t meet every requirement. If this is you, don’t worry - we still encourage you to apply. We are committed to creating a workplace that supports long-lasting and meaningful careers for everyone, and your unique skills and perspective might be just what we’re looking for!

• Conduct security monitoring, event analysis and response using all available tools used by x15 Security.
• Investigate and remediate security incidents through the entire incident response lifecycle.
• Integrate security tools and technologies with the Security Information and Event Management (SIEM) platform.
• Build the capability to integrate log collection from different types of workloads such as IaaS, PaaS and SaaS logs.
• Ensuring essential data sources for security investigation are logging and flowing through the SIEM platform.
• Develop detection content for high quality signals and alerting.
• Develop SOAR capability to automatically enrich, contextualize security events to streamline investigations and security response
• Analyse vulnerabilities, threats and risks and provide recommendations to the x15 core team as well as to the ventures to improve the security posture.
• Contribute to improving effective SOC processes and procedures
• Execute threat hunts using threat intelligence to discover malicious activity, risks and anomalies.
• Ensure delivery of detection and response services and guidance for x15ventures in identifying control objectives and any potential control gaps.