ICT Security Specialist

Role purpose

The ICT Security Specialist is responsible for designing, implementing, and operating UniLink’s cyber security controls across endpoints, cloud, networks, identity, and applications. You will lead security monitoring and incident response, drive risk reduction, and ensure security practices align with New Zealand regulatory and privacy expectations.

Key responsibilities

Security operations & monitoring

• Operate and improve security monitoring (SIEM/EDR), alert triage, and threat hunting.

• Manage vulnerability scanning, prioritisation, patch coordination, and remediation tracking.

• Maintain secure configurations/baselines for servers, endpoints, firewalls, and cloud services.

Incident response

• Own incident response workflow: detection → containment → eradication → recovery → post-incident review.

• Run tabletop exercises, maintain playbooks, and coordinate with vendors/partners when required.

• Produce incident reports with root cause analysis and corrective actions.

Security engineering

• Implement and maintain security controls including MFA, conditional access, PAM principles, email security, WAF, network segmentation, and secure logging.

• Support secure cloud adoption (e.g., Microsoft 365/Azure/AWS/GCP as applicable): identity hardening, key management, secure access, monitoring.

• Review and improve backup security, disaster recovery, and ransomware resilience.

Governance, risk & compliance

• Maintain and update security policies, standards, and procedures.

• Conduct risk assessments for systems, suppliers, and new projects; recommend mitigations.

• Support audits and compliance workstreams (e.g., privacy, customer due diligence expectations, internal controls).

Secure delivery & advisory

• Partner with engineering and project teams to embed security in delivery (secure SDLC, change reviews, architecture reviews).

• Provide security guidance on system design, access models, data protection, and third-party integrations.

• Deliver security awareness guidance to staff (phishing, safe handling of data, device hygiene).

Key deliverables (first 90–180 days)

• Establish a practical security baseline (asset inventory, MFA coverage, EDR coverage, patch/vuln cadence).

• Implement measurable security reporting (top risks, vuln backlog, incident metrics).

• Document incident response playbooks and complete at least one exercise.

• Review critical systems and cloud configurations; deliver a prioritised remediation roadmap.

Required skills & experience

• 3+ years in cyber security / security engineering / security operations.

• Strong knowledge of: IAM/MFA, network security, endpoint security, vulnerability management, incident response.

• Experience with common security tooling (e.g., SIEM, EDR, vulnerability scanners, email security, firewall/WAF).

• Ability to write clear security documentation and communicate risk to non-technical stakeholders.

• Familiarity with New Zealand privacy expectations and good security governance practices.

Preferred

• Cloud security experience (Microsoft 365/Azure preferred; AWS/GCP also valued).

• Scripting/automation (PowerShell, Python) for security operations.

• Security certifications (one or more): Security+, SSCP, GSEC, AZ-500, SC-200, CISSP (or working toward).

• Experience working with fintech, payments, or regulated environments.

Personal attributes

• Practical, calm under pressure, and comfortable owning incidents end-to-end.

• Strong attention to detail with a bias for action and continuous improvement.

• Collaborative style—able to influence without slowing delivery.

What we offer

• Competitive salary package based on experience

• Hybrid work options (role-dependent)

• Training budget and certification support

• A chance to build and shape UniLink’s security foundations