Lead Cyber-Security Engineer

Posted:
12/3/2024, 4:53:53 PM

Location(s):
Upper Harbour, Auckland, New Zealand ⋅ Auckland, New Zealand

Experience Level(s):
Senior

Field(s):
IT & Security ⋅ Software Engineering

Position: Lead Cyber-Security Engineer

Line Manager: Director of Engineering - Security                                                     

Location: Albany, New Zealand

Purpose of the Role

Our purpose is delivering intelligence you can trust, for a better world tomorrow. 

With a large established base in New Zealand and a rapidly growing business in the United States and recent relaunch in Australia, the Cyber-security Engineer role will be a key role to help EROAD meet its ambitious strategic and commercial goals.

The outcomes to be delivered in this role are

  • Lead our small Security Engineering team work plan and task management to ensure outcomes and milestones are met 
  • Work cross-functionally across governance, defence and operations
  • Security policies and procedures development and maintenance
  • Internal compliance and audits (SOC2 and later ISO27001/2)
  • Assisting customers with cyber-security enquiries and questionnaires
  • Vendor security due-diligence
  • Cyber-security maturity assessments
  • Developing and facilitating internal cyber-security awareness programmes
  • Host vulnerability analysis and risk triage – including co-ordinating efforts with responsible teams
  • Assisting teams with secure cloud infrastructure design
  • Cyber-security incident response and management of incidents
  • Threat intelligence – including building up 6 monthly internal threat intelligence reports
  • Development and maintenance of monthly security reports for the governance committee
  • Threat hunting
  • Monitoring our security platforms for threats and responding to them (detect and response) including custom policy development
  • SOAR automations development in Python
  • Keeping up to date with latest cyber security tools and techniques including regular training with our cyber-security training platforms

Key Skills and Experience

  • Demonstrable experience with public cloud environments, particularly Azure and AWS
  • Proven expertise in cyber-security, especially in threat monitoring, hunting, and the use of EDR and SIEM tools
  • Proficient in coding and scripting (e.g., Python) for SOAR automation and custom detection policies
  • Familiarity with security frameworks, with preferred certifications such as SOC2 and/or ISO27001/2
  • Experience collaborating with senior stakeholders
  • Skilled in information security policy development
  • Track record of leading teams to achieve targeted outcomes
  • Adept at interacting with customers during security assessments
  • Understanding of agile software engineering principles

This Job Description is not intended to be complete or limiting. EROAD is in a “high growth” mode and the role will require a proactive and flexible approach to manage tasks that support a rapid and innovative environment.