I work in the Cloud Native Service Enablement (CNSE) squad, which is part of the wider team managing our AWS and Azure Cloud Platforms. One of our key responsibilities is whitelisting AWS and Azure services so that we have the controls in place to allow users across the Bank to access them within the public cloud landscape. We work closely with a team of Security Architects and often involve other squads such as Workspaces or Networks to implement our solutions. I tend to use the AWS or Azure consoles alongside the Command Line Interfaces (CLIs). The languages I use include Python, PowerShell and Bash.


Most days I get up early to go to the pool for swim training. I’m part of an adult swim team and my specialty is short distance swims. Since moving to hybrid working and working from home more often, it’s been great having more time to dedicate to my swimming. I’m always starving after training and the extra time in the mornings means that I can prepare a proper breakfast and enjoy a cup of tea in the sun before starting work.

I usually like to start my day with online training for around 30 minutes. I studied predictive analytics at university and started in the CommBank grad program in data science. I then found my way into engineering for my second rotation. The grad program has a huge focus on learning. Setting aside this time for development has really helped me pick up Python and learn about AWS and Azure services. I’m grateful that the grad program gave me the opportunity to explore other teams and job roles. I was so sure I was going to work in data science, but my engineering rotation changed my mind. The great thing about CommBank is there’s so much opportunity for internal mobility – it’s good to know I could move back into data science in the future if I change my mind again!

After breakfast I’ll log into JIRA, which is our workflow management tool, and get a clear idea of what I need to do that day. Whitelisting initiatives begin with exploring the service and understanding the use-cases via console. We then prepare a Service Design Document detailing how it will be used across the Bank – identifying any risks and the controls we need to put in place. Once it’s been endorsed by cyber security, we develop and implement the detective and preventive controls, which form guardrails around the services we whitelist. This ensures that when someone in the bank is using these services, they are risk compliant.


I’ll have a break for coffee or lunch and sometimes catch-up with work colleagues. If the weather is nice, I’ll also go out for a walk. Otherwise, I might spend some time painting, which is another hobby of mine.


After lunch, we have our daily team call. This is a great time to discuss what we’re working on and call out any issues or blockers. One of the things I love most about CommBank is the people I work with. There are so many experts to learn from and the team is very supportive – there’s a real sense that everyone has each other’s back. We make sure work is distributed amongst the team and everyone is really receptive when you ask for help. Since we have moved to hybrid working, one of the positives I’ve noticed is that there are less barriers to approaching senior leaders. Previously, if I needed some of their time, I would’ve booked a meeting to explain the context, but now I just ping them on Microsoft Teams and people are always very responsive.

When it’s time to wrap up for the day, I silence my work devices and usually do some yoga to wind down. I also love to bake, so will often fire up the oven in the evenings to relax and make some delicious treats.