Position: Lead Cyber-Security Engineer
Line Manager: Director of Engineering - Security
Location: Albany, New Zealand
Purpose of the Role
Our purpose is delivering intelligence you can trust, for a better world tomorrow.
With a large established base in New Zealand and a rapidly growing business in the United States and recent relaunch in Australia, the Cyber-security Engineer role will be a key role to help EROAD meet its ambitious strategic and commercial goals.
The outcomes to be delivered in this role are
- Lead our small Security Engineering team work plan and task management to ensure outcomes and milestones are met
- Work cross-functionally across governance, defence and operations
- Security policies and procedures development and maintenance
- Internal compliance and audits (SOC2 and later ISO27001/2)
- Assisting customers with cyber-security enquiries and questionnaires
- Vendor security due-diligence
- Cyber-security maturity assessments
- Developing and facilitating internal cyber-security awareness programmes
- Host vulnerability analysis and risk triage – including co-ordinating efforts with responsible teams
- Assisting teams with secure cloud infrastructure design
- Cyber-security incident response and management of incidents
- Threat intelligence – including building up 6 monthly internal threat intelligence reports
- Development and maintenance of monthly security reports for the governance committee
- Threat hunting
- Monitoring our security platforms for threats and responding to them (detect and response) including custom policy development
- SOAR automations development in Python
- Keeping up to date with latest cyber security tools and techniques including regular training with our cyber-security training platforms
Key Skills and Experience
- Demonstrable experience with public cloud environments, particularly Azure and AWS
- Proven expertise in cyber-security, especially in threat monitoring, hunting, and the use of EDR and SIEM tools
- Proficient in coding and scripting (e.g., Python) for SOAR automation and custom detection policies
- Familiarity with security frameworks, with preferred certifications such as SOC2 and/or ISO27001/2
- Experience collaborating with senior stakeholders
- Skilled in information security policy development
- Track record of leading teams to achieve targeted outcomes
- Adept at interacting with customers during security assessments
- Understanding of agile software engineering principles
This Job Description is not intended to be complete or limiting. EROAD is in a “high growth” mode and the role will require a proactive and flexible approach to manage tasks that support a rapid and innovative environment.