Senior Cybersecurity Specialist (DevSecOps / Vulnerability Management / Cloud / WAF)
Auckland, New Zealand دوام كامل
كن أول من يتقدم بطلب
- خبرة
- أربع سنوات فأكثر
- مرتب
- —
- الوظائف الشاغرة
- 1
- تم النشر
- لا مزيد من التفريغ
- وضع العمل
- في المكتب
- الأهلية
- Applicants who meet most of the listed criteria and are keen to contribute to enterprise-scale cybersecurity improvements are encouraged to apply. The role is safety sensitive, so the selected candidate must pass additional vetting and continue to satisfy operational safety and regulatory complianc…
- سيرة ذاتية
- مطلوب للتقديم
مكان عملك
المسمى الوظيفي
Role overview
Kia ora. This opportunity is with Air New Zealand, a well-known New Zealand brand, and sits within a cyber security team supporting the wider digital organisation. The role is focused on strengthening cloud security, advancing DevSecOps adoption, and lowering cyber risk across the business as the company continues its digital transformation.
You will help protect technology used to support millions of customer journeys and work closely with teams across the business to improve resilience, control effectiveness, and security operations.
Key responsibilities
- Spot vulnerabilities and security risks, then help shape remediation plans and prioritisation.
- Improve and support SDLC security tools such as SAST and SCA to enable DevSecOps ways of working.
- Introduce and strengthen cloud security controls.
- Oversee WAF rule sets and tune performance where needed.
- Check that outsourced infrastructure providers are meeting security control requirements.
- Review security metrics and prepare health reports that inform decisions.
- Track security incidents and events through security platforms and work with internal and external stakeholders to close them out.
- Take part in incident response and recovery activities.
- Keep security policies, standards, procedures, and guidance documents current and published.
- Deliver analysis, reporting, and insights using research, metrics, SIEM alerts, and incident information.
Candidate profile
The preferred candidate will bring at least 4 years of cybersecurity experience, particularly in vulnerability management and threat, risk, and security analysis. Experience with DevSecOps practices, secure SDLC tooling, and cloud security engineering is important, along with familiarity in hybrid cloud and on-premise network environments.
Applicants should also have experience managing WAFs, including DDoS protection, and working with SIEM or similar security monitoring platforms. A solid grasp of incident response, security governance, and control frameworks is expected, as well as a strong understanding of identity and access management, defence in depth, least privilege, and segregation of duties. Awareness of current security technologies, architecture patterns, penetration testing methods, and common attack techniques is also valued.
Security or cloud certifications such as AWS, CISSP, or an equivalent qualification are preferred.
Benefits
- Discounted staff travel for you and your whānau.
- FlexiLeave, with the option to buy up to four additional weeks of leave.
- Learning and development support to grow your career.
- Access to wellbeing resources and a broad range of staff discounts.
Important information
This position is classified as safety sensitive. The successful candidate will need to complete extra vetting checks and continue to meet the standards required for operational safety and regulatory compliance for the duration of employment.
Applications close on 22 July 2026.
Additional information
Air New Zealand states its commitment to diversity, equity, and inclusion, with a focus on building an environment where people can be themselves and thrive. The organisation highlights that its people are a key differentiator and values the range of perspectives and experiences they bring.
“Whāia te pae tawhiti kia tata. Ko te pae tata whakamaua, kia tina.”
Translation: “Seek to bring distant horizons closer. Once near, seize them and make them your reality.”