Spark New Zealand

Cyber Defence Operations Engineer---devsecops

Auckland, Auckland, NZ

2 days ago
Save Job

Summary

Spark NZ   As New Zealand's largest telecommunications and digital services company, Spark’s purpose is to help all of New Zealand win big in a digital world. We provide mobile, broadband, and digital services to millions of New Zealanders and thousands of New Zealand businesses.    We operate in an exciting and constantly evolving industry, where the pace of change brings new and unique challenges every day, so we operate using Agile ways of working to allow us to meet the fast-changing needs of our customers. Agile replaces the traditional hierarchical organisational structure to produce a transparent, collaborative environment with highly productive teams who are empowered to deliver better outcomes for our customers, communities, and all of New Zealand.      About the Role:  We are looking for a highly skilled and experienced Security Engineer with expertise in application security to join our team. In this role, you will work closely with DevOps teams, cloud teams, and other Cyber Security teams to streamline application security operations. You will be responsible for managing integrations, writing procedures, and ensuring that security practices are integrated into the software development lifecycle (SDLC) while continuously optimizing our cloud security posture for threat detection, prevention, and response   Day to day you will be involved in
  • Integrate security tools and checks into CI/CD pipelines (SAST, DAST, SCA, secrets scanning, etc.).
  • Collaborate with DevOps and development teams to embed security best practices early in the SDLC.
  • Automate security testing and policy enforcement using tools like GitHub Actions, Jenkins, or GitLab CI.
  • Support threat modeling and provide guidance on secure design and architecture.
  • Manage and improve container security practices (image scanning, runtime protection, Kubernetes hardening).
  • Maintain and enhance Infrastructure-as-Code security (Terraform, CloudFormation, etc.).
  • Drive adoption of secure coding practices through documentation, code reviews, and training.
  • Monitor security alerts, triage vulnerabilities, and work with stakeholders to remediate risks.
  • Contribute to security incident response and post-mortem analysis as needed.
  What experience you'll bring?
  • 3+ years of experience in security engineering, DevSecOps, or a related field.
  • Solid knowledge of secure development practices and application security fundamentals.
  • Experience integrating and managing security tools in CI/CD pipelines.
  • Hands-on experience with container security (Docker, Kubernetes, etc.).
  • Strong scripting or development skills (e.g., Python, Bash, or similar).
  • Familiarity with cloud security (AWS, Azure, or GCP) and infrastructure as code.
  • Comfortable working with engineering teams in Agile/DevOps environments.
  • Experience with tools such as SonarQube, Trivy, Checkov, Semgrep, or similar.
  • Experience with secrets management (e.g., HashiCorp Vault, AWS Secrets Manager).
  • Background in threat modeling (e.g., STRIDE, OWASP Threat Dragon).
  • Knowledge of regulatory compliance standards (e.g., ISO 27001, SOC 2, NIST).
  • Familiarity with identity and access management (IAM), least privilege, and zero trust principles.
  • Security certifications (e.g., OSCP, CSSLP, GCSA, or similar).
  WHY CHOOSE US:    Diversity and Inclusion: Te Kanorau me te Whakawhāiti mai    At Spark, we are constantly looking for ways to build a more inclusive culture.  Our vision is for diversity and inclusion to be “how things are done at Spark”, embedded into our day-to-day activities, standards, and business practices.  We want you to feel totally comfortable bringing your whole self to work regardless of your gender, ethnicity, orientation, age, or ability.    Sustainability: Toitū    Sustainability is a key focus for us.  We are dedicated to supporting Aotearoa New Zealand’s recovery and economic transformation.  The principle of equity is at the very heart of our approach, and we remain committed to working in partnership to make a positive contribution to digital equity in line with our focus on Diversity and Inclusion.    Benefits: Awhina   Our people matter and we make sure we look after them.  As a valued employee of Spark, we’ve got our people covered with a range of leading benefits including:   
  • Wellbeing - Comprehensive medical insurance, life and income protection.  Access to wellbeing coaches, EAP and in-house Specialist Clinical support through our leading Mahi Tahi Wellness programme. 
  • Hybrid ways of working - for most teams at Spark this means being in the office for 4 days a week, and 1 day being flexible. 
  • Leave - in addition to four weeks annual leave, we offer purchased leave, enhanced parental leave support and study leave.  
  • Spark Credit – we provide permanent employees with $120 monthly Spark credit to use on any of our amazing products. 
  • Spark Share scheme – periodically we offer the opportunity to buy into our share scheme. 
  • Career development – access to an internal marketplace that connects employees with experiential, on the job learning across Spark.  
  Due to the nature and urgency of this role, we are only considering applicants that are based in New Zealand with permanent residency, citizenship, or a valid work visa (with at least 18 months remaining).

How strong is your resume?

Upload your resume and get feedback from our expert to help land this job

MORE JOBS LIKE THIS