info-icon

Please note that due to the many changes brought on by the spread of COVID-19, the dates for the Graduate Program have been amended to the following: Monday 13 July - Interviews for graduate positions commence; Friday 14 August - Offers for graduate positions can be made; Friday 21 August - Offers for graduate positions must be accepted or declined by 5:00pm.

2020/21 CommBank Technology (ES) Summer Intern Program - Cyber Security

DO WORK THAT MATTERS

Our mission is to protect the Bank and our customers from theft, losses and risk events. Our Cyber Security team helps over 14.5 million customers achieve this by providing a secure banking environment where they can interact confidently in an increasingly connected digital world.

This program gives you the opportunity to tailor the career you want. By joining Cyber Security as part of our Technology & Operations (Enterprise Services) Summer Intern Program, you’d have the option to work in the following areas (although not limited to): Penetration Testing, Developing Security Controls, Incident Response, Threat/Cybercrime Intelligence, Digital Forensics, Cyber Outreach, Privacy and Application Security.

At CommBank we’re known for our innovative digital services. We’ve always been pioneers and we’re currently investing heavily in data analytics, cryptocurrencies and Quantum computing. For the hundreds of new services or app updates we release, we need to ensure they are as secure as possible. This is why CommBank is building one of the country’s largest digital assurance teams – our ethical hackers/penetration testers.

Penetration Testing – being our fastest growing area in information security, our ethical hackers are given an almost limitless array of tools to attempt to break our products and services before they go live for our customers, hence - a great environment to work in if you enjoy being up-to-date with the latest technologies and pulling things apart to see how they work.

Developing Security Controls - when we do find vulnerabilities or come up against a new adversary attacking our existing controls, we may need to develop new ones. Occasionally we see malware in the wild that commercially available detection systems haven’t picked up yet and very quickly have to discover how it works, who it’s targeting and who might be vulnerable to it. We might need to disassemble that malware in a controlled environment to see whether we need to adjust our controls. Very occasionally, a threat is so new and so radically different that those controls aren’t readily available, so we might need to develop them on-the-fly. We have a team of software developers that specialise in this area. Even with the commercially available software we use, it’s rarely a case of ‘set and forget’. We have systems that generate alerts every time an anomaly appears in the logs of our network devices and teams of people who focus on refreshing the algorithms used in those systems. A strong foundation in programming, maths and an interest in data analytics would be advantageous to working in this area.

Cyber Incident Response – A dynamic and fast-changing area of IT - when we do have incidents that are worthy of our attention, there are specialist responders who investigate and triage. They will adjust our controls if we were to experience something like a Denial or Service attack and will analyse malware found in the wild to protect our customers against infection or to assist law enforcement. Our people typically have a broad mix of computing, network engineering and problem solving skills.

Threat and Cybercrime Analyst – Becoming more attuned to our adversaries’ methods of attack, a Threat Analyst takes in data from potentially hundreds of sources, on what might be over the horizon to lookout for any actor or scam that specifically targets our customers and the digital services they are likely to use. These feeds might come from security vendors, Computer Emergency Response Teams, our peers in other security teams, from the Government or our customers reporting a scam they’ve been sent on an email. They study the underground marketplaces used by malicious actors to see what malware kits they’re selling, what data they’re dumping and whose credentials they’ve stolen.

Digital Forensics – A massive growth area, working in digital forensics requires a rare mix of computing skills with a sound knowledge of the law, in cases where we need to prove what historical events happened on a computer system and may be used for legal discovery.

Privacy Advisors –Our privacy advisors need to understand the intersection of the law and computing. Our privacy team help to ensure every new service or app we release is compliant with Privacy regulations, and that every app or service meets the privacy expectations our customers have of us as a bank.

Application Security– We are now working closer and closer with the software development teams at Commbank to educate and provide tools to assist them to develop more secure code.

WE’RE LOOKING FOR YOU

We are looking for people to be part of high performing engineering teams in one of the largest and most forward thinking technology houses in Australia. You’ll have the opportunity to do real work that will allow you to put your passion and transferrable skills you’ve gained from your studies into practice and develop your technical knowledge, whilst contributing to outcomes which positively impact our business and customers.

SEE YOURSELF IN OUR SUMMER INTERN PROGRAM:

Our 10-week program starting on 23rd November 2020, gives you a taste of what it’s like to work in our Cyber Security Division as well as more broadly across Technology & Operations.

Together we can make a difference for our customers as well as businesses and the broader community.

WE INVEST IN YOUR FUTURE

With a significant investment in cyber security and quantum cryptography, you will have the chance to work with and learn from the best in one of the most advanced and diverse Cyber Security teams in Australia.

WE’RE INTERESTED IN HEARING FROM YOU IF:

  • You’re passionate about security and the cyber landscape.
  • You’re willing to bring a fresh perspective to the way we do things. Working here is all about your ideas and engagement ability.
  • You’re an Australian or New Zealand permanent resident or citizen at the time of application (essential).
  • You’re in your penultimate (second last year) of your university degree, or if you are doing a double degree, you must be in your penultimate year of your overall studies (essential).
  • You’ve achieved at least a credit average across your university degree (essential).


At CommBank, we’re committed to building a diverse and inclusive workforce reflecting the customers, businesses and communities we serve. As a values driven organisation, we nurture and support our people; through focussing on skill and talent development, collaboration, flexibility and internal promotion. With service in mind at every touch point, we take accountability for the role we play in securing and enhancing the financial wellbeing of people, businesses and communities. At CommBank you can be you.