Principal Security Operations Engineer

Summary

Join DEFEND, a leading New Zealand cybersecurity firm, as a Principal Security Operations Engineer. Lead a team in delivering cybersecurity excellence to government and enterprise clients. Oversee network traffic monitoring, threat mitigation, and incident response. Develop and enhance security detection and response playbooks. Train and mentor junior team members. Stay current on the latest security trends. This role requires strong technical expertise, customer-centricity, and experience in incident response. DEFEND offers flexible work arrangements and robust professional development opportunities.

Requirements

• Strong technical expertise: Experience in vulnerability scanning tools, SIEM, EDR, and/or related security tools and technologies
• Customer-centric mindset: Proven experience engaging with customers to communicate complex technical issues clearly to stakeholders at all levels, driven by a passion for creating exceptional experiences
• Documentation expertise: Strong writing and review skills to produce high-quality reports and processes
• Incident response experience: Experience working in complex cybersecurity incidents, with an understanding of DFIR processes
• Continuous improvement: Passion for staying ahead of evolving threats and driving security innovation to ensure we deliver value and excellence to our customers
• Experience in Cybersecurity roles e.g. Analyst and SOC roles. (4 year +) and/or other relevant Cybersecurity experience
• Relevant Cybersecurity qualifications (e.g. Sans, CompTIA, Microsoft)

Responsibilities

• Regularly review events and alerts from a range of customers, looking for signs of compromise
• Flag noisy and underperforming alerts for improvement, and work to track and develop more robust detections
• Help build out our detection and response playbooks, adding new insights and automations to our investigation and incident response procedures
• Identify gaps in existing detection or response playbooks, ensuring they are always up-to-date and effective
• Provide SME support during Security Incident Response and Post-Mortem activities
• Train and develop junior team members and work to develop skills in the monitoring team
• Stay up to date with the latest security trends and threats
• Oversee the monitoring and analysis of network traffic, identify and mitigate security threats, and ensure our customers' IT infrastructure remains secure and resilient
• Lead the team in active monitoring of our clients and spearhead incident investigation and response, utilizing Endpoint Protection, Firewalls, and Security Monitoring tools

Preferred Qualifications

• Relevant certifications: Demonstrating expertise in cybersecurity practices by achieving relevant certifications is advantageous (e.g., ISC2/SANS GIAC/CompTIA or equivalent)
• A degree or relevant tertiary qualification is also beneficial

Benefits

• Flexible working arrangements are available to suit your lifestyle
• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way
• Mentors: You’ll be joining a team of truly passionate and highly skilled individuals who are at the top of their game and who enjoy imparting their knowledge and experience to others
• Opportunity: Progress into other exciting roles across DEFEND
• With a national focus throughout New Zealand, our team is made up of skilled individuals at different stages in their careers, therefore we can offer flexibility in base location, as well as embracing remote working