Security Operations Lead

Posted Jun 8

Company Description

Te Tākinatanga | Our Story   

At Te Mata Hiko (Contact Energy), we believe home is the most important place in the world. It's all part of our vision to leave Aotearoa better than we found it. We’re a power and broadband company, but we’re so much more than that. We are transforming the ways we mahi, and how Aotearoa is powered, leading the charge on renewable energy and digitising customer journeys in ways not yet seen here. A team of 1000+ from all walks of life who love what we do, look out for each other, and learn from one another every day, we’re stoked to be guided by our tikanga: we touch lives to make life better.

Cybersecurity is a critical cog in this wheel. Ultimately, we have to make sure we keep the lights on, keep people safe, and protect the information we’ve been entrusted with by customers and kaimahi. As the threat landscape is constantly changing, so too will the challenges you face in your work. This means learning opportunities galore, along with the chance to work truly consultatively in a business where it matters.

Job Description

As part of our Leadership Team for the Information Risk and Security team, you will play a crucial role in shaping the team culture, setting interaction standards, and supporting the business in managing technology risk while enabling digital transformation objectives safely. As the Security Operations Lead, you will be the expert security practitioner responsible for managing and optimising our operational security tools and services. In this role, you will lead Security Operations as a line manager, fostering the development of your team to enhance Contact's security maturity and cyber resilience. Collaboration is key, and you will have the opportunity to contribute to the overall security strategy and support strategic decisions on the operational security roadmap, aligning with the broader organisational goals.

Your responsibilities will include mentoring and developing your security team, contributing to the creation and maintenance of Information Security policies, and leading Security Operations specific standards and processes. You will manage the risk of new initiatives through the support and audit of new systems and vendors, oversee vulnerability management, and develop incident response procedures and playbooks. Additionally, you will lead security incident response processes, collaborate with distributed teams, and support the Head of Information Security in preparing performance & incident reports. Ensuring compliance with regulatory objectives and participating in operational exercises to enhance our threat response capability will also be key aspects of your role.

Qualifications

This position will require a broad set of skills and experience. Contact will seek and recruit talent that have extensive Information Security experience in large and complex organisations, including the following key attributes and behavioral competences:

  • Over 5 years of experience in at least a senior security operations related role including experience as team leader or mentor with direct reports.
  • Good stakeholder engagement and communication skills with an ability to build credibility with senior level stakeholders across the organisation.
  • Strong analytical and problem-solving skills.
  • Prioritise setting others up for success by being up front and honest, clear on expectations, clear on roles and responsibilities, and being clear on what success looks like, with a genuine concern for the relationship and wanting to see others succeed.
  • Enthusiasm and commitment to achieve and make a real difference in a constructive and collaborative way.
  • Proficiency with MS Sentinel, Netskope, CrowdStrike, Qualys and other market leading security tools.
  • Relevant Certifications in the Information Security field e.g. CISSP, CCSP, CCSK, CISA, CISM, or other relevant certification.
  • In depth knowledge of Information Security operational principles and practices.
  • In depth knowledge of Information Security Risk Management, Information Security principles and practices.
  • Broad understanding, and expertise in several areas, of ICT security including data networks, serverless architecture, API security, Web security, traditional and Web Application Firewalls, databases, Incident detection and management, cryptography, and cloud hosted environments.

Additional Information

We support our people to work how, where and when works the best. Some of the Information Security team are based in Wellington while many of our Digital, Retail and Generation team are also based in Auckland or across our sites all over Aotearoa, so you can find time to korero and build relationships across the business if you want the mix of home/office. While we’d like to catch up in person sometimes, this role can be fully remote so we’re open to applications from all over Aotearoa. 

We are growing and offer superb learning and development opportunities along with a bunch of other perks like free health insurance cover, better-than-your-average leave, access to Contact Shares, a ‘Good to be Home’ annual payment toward your home set up & wellbeing, a trail-blazing parental leave policy, discounts on Contact Energy products, and more.

Please note, only candidates with the right to live and work in New Zealand will be considered for this role.

If you have any patai on this role or would like a copy of the job description, please reach out to Ben Francis (Ben.Francis@contactenergy.co.nz)

Research shows that while men apply to jobs where they meet 60% of the criteria, women and those in underrepresented groups tend to only apply if they tick every box. We're not about box ticking, so if you think you have what it takes but don't meet everything stated above, please still get in touch. We'd love to kōrero.