Security Operations Lead
Wellington, New Zealand
Contact Energy
Join one of NZ's leading providers of electricity, natural gas, broadband, solar & renewable energy. We put our energy where it matters.Company Description
Te Tākinatanga | Our Story
At Te Mata Hiko (Contact Energy), we believe home is the most important place in the world. It's all part of our vision to leave Aotearoa better than we found it. We’re a power and broadband company, but we’re so much more than that. We are transforming the ways we mahi, and how Aotearoa is powered, leading the charge on renewable energy and digitising customer journeys in ways not yet seen here. A team of 1000+ from all walks of life who love what we do, look out for each other, and learn from one another every day, we’re stoked to be guided by our tikanga: we touch lives to make life better.
Cybersecurity is a critical cog in this wheel. Ultimately, we have to make sure we keep the lights on, keep people safe, and protect the information we’ve been entrusted with by customers and kaimahi. As the threat landscape is constantly changing, so too will the challenges you face in your work. This means learning opportunities galore, along with the chance to work truly consultatively in a business where it matters.
Job Description
As part of our Leadership Team for the Information Risk and Security team, you will play a crucial role in shaping the team culture, setting interaction standards, and supporting the business in managing technology risk while enabling digital transformation objectives safely. As the Security Operations Lead, you will be the expert security practitioner responsible for managing and optimising our operational security tools and services. In this role, you will lead Security Operations as a line manager, fostering the development of your team to enhance Contact's security maturity and cyber resilience. Collaboration is key, and you will have the opportunity to contribute to the overall security strategy and support strategic decisions on the operational security roadmap, aligning with the broader organisational goals.
Your responsibilities will include mentoring and developing your security team, contributing to the creation and maintenance of Information Security policies, and leading Security Operations specific standards and processes. You will manage the risk of new initiatives through the support and audit of new systems and vendors, oversee vulnerability management, and develop incident response procedures and playbooks. Additionally, you will lead security incident response processes, collaborate with distributed teams, and support the Head of Information Security in preparing performance & incident reports. Ensuring compliance with regulatory objectives and participating in operational exercises to enhance our threat response capability will also be key aspects of your role.
Qualifications
This position will require a broad set of skills and experience. Contact will seek and recruit talent that have extensive Information Security experience in large and complex organisations, including the following key attributes and behavioral competences:
- Over 5 years of experience in at least a senior security operations related role including experience as team leader or mentor with direct reports.
- Good stakeholder engagement and communication skills with an ability to build credibility with senior level stakeholders across the organisation.
- Strong analytical and problem-solving skills.
- Prioritise setting others up for success by being up front and honest, clear on expectations, clear on roles and responsibilities, and being clear on what success looks like, with a genuine concern for the relationship and wanting to see others succeed.
- Enthusiasm and commitment to achieve and make a real difference in a constructive and collaborative way.
- Proficiency with MS Sentinel, Netskope, CrowdStrike, Qualys and other market leading security tools.
- Relevant Certifications in the Information Security field e.g. CISSP, CCSP, CCSK, CISA, CISM, or other relevant certification.
- In depth knowledge of Information Security operational principles and practices.
- In depth knowledge of Information Security Risk Management, Information Security principles and practices.
- Broad understanding, and expertise in several areas, of ICT security including data networks, serverless architecture, API security, Web security, traditional and Web Application Firewalls, databases, Incident detection and management, cryptography, and cloud hosted environments.
Additional Information
We support our people to work how, where and when works the best. Some of the Information Security team are based in Wellington while many of our Digital, Retail and Generation team are also based in Auckland or across our sites all over Aotearoa, so you can find time to korero and build relationships across the business if you want the mix of home/office. While we’d like to catch up in person sometimes, this role can be fully remote so we’re open to applications from all over Aotearoa.
We are growing and offer superb learning and development opportunities along with a bunch of other perks like free health insurance cover, better-than-your-average leave, access to Contact Shares, a ‘Good to be Home’ annual payment toward your home set up & wellbeing, a trail-blazing parental leave policy, discounts on Contact Energy products, and more.
Please note, only candidates with the right to live and work in New Zealand will be considered for this role.
If you have any patai on this role or would like a copy of the job description, please reach out to Ben Francis (Ben.Francis@contactenergy.co.nz)
Research shows that while men apply to jobs where they meet 60% of the criteria, women and those in underrepresented groups tend to only apply if they tick every box. We're not about box ticking, so if you think you have what it takes but don't meet everything stated above, please still get in touch. We'd love to kōrero.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: APIs CCSK CCSP CISA CISM CISSP Cloud Compliance CrowdStrike Cryptography Firewalls Incident response Qualys Risk management Security strategy Sentinel Strategy Vulnerability management
Perks/benefits: Career development Home office stipend Parental leave
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Cybersecurity Engineer jobs
- Open Security Operations Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Information Security Officer jobs
- Open Principal Security Engineer jobs
- Open Senior Product Security Engineer jobs
- Open Information Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open IT Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Network Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Manager Pentest H/F jobs
- Open Security Consultant jobs
- Open Security Operations Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Information Security Architect jobs
- Open SOC-related jobs
- Open Risk assessment-related jobs
- Open Agile-related jobs
- Open Network security-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open ISO 27001-related jobs
- Open GCP-related jobs
- Open IAM-related jobs
- Open Application security-related jobs
- Open Pentesting-related jobs
- Open Threat intelligence-related jobs
- Open Vulnerability management-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CEH-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs
- Open Java-related jobs
- Open SaaS-related jobs
- Open DevSecOps-related jobs