Security Specialist

Company Description

Te Tākinatanga | Our Story   

At Te Mata Hiko (Contact Energy), we believe home is the most important place in the world. It's all part of our vision to leave Aotearoa better than we found it. We’re a power, mobile and broadband company, but we’re so much more than that. We are transforming the ways we mahi, and how Aotearoa is powered, leading the charge on renewable energy and digitising customer journeys in ways not yet seen here. A team of 1000+ from all walks of life who love what we do, look out for each other, and learn from one another every day, we’re stoked to be guided by our tikanga: we touch lives to make life better.

Cybersecurity is a critical cog in this wheel. Ultimately, we have to make sure we keep the lights on, keep people safe, and protect the information we’ve been entrusted with by customers and kaimahi. As the threat landscape is constantly changing, so too will the challenges you face in your work. This means learning opportunities galore, along with the chance to work truly consultatively in a business where it matters.

Job Description

Kōrero mō te tūranga | About the role

As a Security Specialist at Contact, you’ll provide sound counsel to the business on all aspects of Information Security, working with people who are doing cool things in IT and Digital to make sure they go well and safely. Day-to-day, there’ll be all the stuff you’re used to: Risk workshops, risk assessments, teams chats and emails. You might take some time to read up on new technologies, cloud platforms or defensive technologies; you might engage an architect for a kōrero on how they hope to achieve the controls objectives with their planned solution architecture and how you can assist. You’ll review high level and detailed designs, take a chance to look at some threat intelligence or collaborate with our Security Operations team and add your thoughts on current mitigations or challenges.

We’re early adopters of technology, so there’s always a lot on the go. We work consultatively to be enablers of the business rather than blockers, taking a risk-based approach that informs the right stakeholders to land our initiatives inside risk tolerance, providing governance that understands technology and business risk.  Your mindset allows you to focus on the big picture, while understanding the detail, technology and attack frameworks that are your subject matter expertise. Translating the risk conversations and how we might mitigate it to language our decision makers and stakeholders can understand helps to develop trust and engagement.

The type of business we are means this role comes with diverse, interesting problem-sets. We have great foundations and great support, but as we scale up it’s vital that we continue to hold a security lens to everything we do. Reporting to the Principal Security Practice Lead, you’ll join a tight-knit, collaborative team who are passionate about this mahi, proud of how well they do it, and excited to keep delivering.

Qualifications

Ko wai koe | About you

Your ability to collaborate and speak to the business in language that they understand is the #1 thing we’re looking for. Of course, there’s some prerequisite experience – to have those conversations, you’ll need broad understanding and expertise in several areas of ICT security such as data networks, serverless architecture, API security, Web security, Web Application Firewalls, databases, incident detection and management, cryptography, and cloud hosted environments. But to truly engage with people to advise, consult, guide, and lead, your collaboration skills and ability to establish trust will be most important.

As we take a risk-based approach to all our engagements, it’s essential you understand risk as a concept, have demonstrated experience with risk frameworks & management, and are comfortable considering factors beyond just the technical, looking at and responding to changes in the business as well as threat landscape. To do this effectively, it’s important to be flexible – we all have different communication and working styles; something you’re used to navigating to tailor an approach that’s truly consultative.

We’ll also be looking out for:

• Relevant Certifications in the Information Security field e.g., CISSP, CCSP, CCSK,
• Appropriate/relevant qualifications such as certifications in one or more of AWS, Azure, Google Cloud, VMWare and Cisco,
• Experience contributing to the development of pragmatic security frameworks,
• Consulting with product, service and project teams on implementing security by design, and
• Cloud platforms knowledge.

Additional Information

We support our people to work how, where and when works the best. Some of the Information Security team are based in Wellington while many of our Digital, Retail and Generation team are also based in Auckland or across our sites all over Aotearoa, so you can find time to kōrero and build relationships across the business if you want the mix of home/office. While we’d like to catch up in person sometimes, this role can be fully remote so we’re open to applications from all over Aotearoa.

We are growing and offer superb learning and development opportunities along with a bunch of other perks like free health insurance cover, better-than-your-average leave, access to Contact Shares, a ‘Good to be Home’ annual payment toward your home set up & wellbeing, a trail-blazing parental leave policy, discounts on Contact Energy products, and more.

We're keen to move quickly on this one, so apply now!

Please note, only candidates with the right to live and work in New Zealand will be considered for this role.

Research shows that while men apply to jobs where they meet 60% of the criteria, women and those in underrepresented groups tend to only apply if they tick every box. We're not about box ticking, so if you think you have what it takes but don't meet everything stated above, please still get in touch. We'd love to kōrero.