Auckland, New Zealand
Contact EnergyJoin one of NZ's leading providers of electricity, natural gas, broadband, solar & renewable energy. We put our energy where it matters.
Te Tākinatanga | Our Story
At Te Mata Hiko (Contact Energy), we believe home is the most important place in the world. It's all part of our vision to leave Aotearoa better than we found it. We’re a power, mobile and broadband company, but we’re so much more than that. We are transforming the ways we mahi, and how Aotearoa is powered, leading the charge on renewable energy and digitising customer journeys in ways not yet seen here. A team of 1000+ from all walks of life who love what we do, look out for each other, and learn from one another every day, we’re stoked to be guided by our tikanga: we touch lives to make life better.
Cybersecurity is a critical cog in this wheel. Ultimately, we have to make sure we keep the lights on, keep people safe, and protect the information we’ve been entrusted with by customers and kaimahi. As the threat landscape is constantly changing, so too will the challenges you face in your work. This means learning opportunities galore, along with the chance to work truly consultatively in a business where it matters.
Kōrero mō te tūranga | About the role
As a Security Specialist at Contact, you’ll provide sound counsel to the business on all aspects of Information Security, working with people who are doing cool things in IT and Digital to make sure they go well and safely. Day-to-day, there’ll be all the stuff you’re used to: Risk workshops, risk assessments, teams chats and emails. You might take some time to read up on new technologies, cloud platforms or defensive technologies; you might engage an architect for a kōrero on how they hope to achieve the controls objectives with their planned solution architecture and how you can assist. You’ll review high level and detailed designs, take a chance to look at some threat intelligence or collaborate with our Security Operations team and add your thoughts on current mitigations or challenges.
We’re early adopters of technology, so there’s always a lot on the go. We work consultatively to be enablers of the business rather than blockers, taking a risk-based approach that informs the right stakeholders to land our initiatives inside risk tolerance, providing governance that understands technology and business risk. Your mindset allows you to focus on the big picture, while understanding the detail, technology and attack frameworks that are your subject matter expertise. Translating the risk conversations and how we might mitigate it to language our decision makers and stakeholders can understand helps to develop trust and engagement.
The type of business we are means this role comes with diverse, interesting problem-sets. We have great foundations and great support, but as we scale up it’s vital that we continue to hold a security lens to everything we do. Reporting to the Principal Security Practice Lead, you’ll join a tight-knit, collaborative team who are passionate about this mahi, proud of how well they do it, and excited to keep delivering.
Ko wai koe | About you
Your ability to collaborate and speak to the business in language that they understand is the #1 thing we’re looking for. Of course, there’s some prerequisite experience – to have those conversations, you’ll need broad understanding and expertise in several areas of ICT security such as data networks, serverless architecture, API security, Web security, Web Application Firewalls, databases, incident detection and management, cryptography, and cloud hosted environments. But to truly engage with people to advise, consult, guide, and lead, your collaboration skills and ability to establish trust will be most important.
As we take a risk-based approach to all our engagements, it’s essential you understand risk as a concept, have demonstrated experience with risk frameworks & management, and are comfortable considering factors beyond just the technical, looking at and responding to changes in the business as well as threat landscape. To do this effectively, it’s important to be flexible – we all have different communication and working styles; something you’re used to navigating to tailor an approach that’s truly consultative.
We’ll also be looking out for:
- Relevant Certifications in the Information Security field e.g., CISSP, CCSP, CCSK,
- Appropriate/relevant qualifications such as certifications in one or more of AWS, Azure, Google Cloud, VMWare and Cisco,
- Experience contributing to the development of pragmatic security frameworks,
- Consulting with product, service and project teams on implementing security by design, and
- Cloud platforms knowledge.
We support our people to work how, where and when works the best. Some of the Information Security team are based in Wellington while many of our Digital, Retail and Generation team are also based in Auckland or across our sites all over Aotearoa, so you can find time to kōrero and build relationships across the business if you want the mix of home/office. While we’d like to catch up in person sometimes, this role can be fully remote so we’re open to applications from all over Aotearoa.
We are growing and offer superb learning and development opportunities along with a bunch of other perks like free health insurance cover, better-than-your-average leave, access to Contact Shares, a ‘Good to be Home’ annual payment toward your home set up & wellbeing, a trail-blazing parental leave policy, discounts on Contact Energy products, and more.
Please note, only candidates with the right to live and work in New Zealand will be considered for this role.
Research shows that while men apply to jobs where they meet 60% of the criteria, women and those in underrepresented groups tend to only apply if they tick every box. We're not about box ticking, so if you think you have what it takes but don't meet everything stated above, please still get in touch. We'd love to kōrero.
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Senior Information Security Analyst jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Information Security Engineer jobs
- Open Information Security Officer jobs
- Open Security Operations Engineer jobs
- Open Analyste CERT / Incident Responder junior (H/F) jobs
- Open Ingénieur DevSecops H/F jobs
- Open Staff Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open Senior Security Architect jobs
- Open Chief Information Security Officer jobs
- Open Analyste CERT / Incident Responder senior (H/F) jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Security Analyst jobs
- Open o365 Security Architect jobs
- Open Principal Security Engineer jobs
- Open Senior Cyber Security Engineer jobs
- Open Staff Product Security Engineer jobs
- Open Electronic Warfare Advanced Tactical Trainer jobs
- Open Security Researcher jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open SOC-related jobs
- Open GCP-related jobs
- Open Risk assessment-related jobs
- Open Governance-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Analytics-related jobs
- Open CISM-related jobs
- Open IAM-related jobs
- Open SaaS-related jobs
- Open Threat intelligence-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open Vulnerability management-related jobs
- Open Java-related jobs
- Open CISA-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Kubernetes-related jobs
- Open Forensics-related jobs
- Open APIs-related jobs
- Open DoD-related jobs
- Open EDR-related jobs
- Open Splunk-related jobs