Cyber Security Engineer
Job Description
Permanent – Full Time (37.5 hours per week)
\nWellington
\nNZRC offers a total remuneration approach of circa $81k for this role, which comprises of base salary as well as employer contribution to KiwiSaver. While remuneration rates are set to reflect that we are a humanitarian not for profit organisation, we believe our employee leave provision and flexible working arrangements, provide a highly rewarding work experience
\nWe’re building something. Come build it with us.
\nNew Zealand Red Cross is in the middle of an exciting digital transformation. We’re modernising how we operate, maturing our technology capability, and — critically — we’re bringing our cyber security function in-house. That means we need someone who can hit the ground running, build the kind of security operations that actually work, and do it all without taking themselves too seriously.
\nThis isn’t a desk-warm-and-ticket-close role. You’ll be shaping how we detect, respond, and continuously improve. You’ll work in a small, opinionated, slightly chaotic, genuinely brilliant team — and the work will actually matter.
\nWhat you’ll do\n- \n
- Security operations and incident response — end-to-end coordination, triage, comms, and post‑incident reviews \n
- SIEM tuning and detection improvement — onboarding log sources, improving signal quality \n
- Cloud and platform security — baseline configs, Zero Trust identity enforcement, configuration drift across M365 and Azure \n
- Vulnerability management — scanning, severity assessment, remediation prioritisation and tracking \n
- Risk governance and assurance support — risk assessments, register maintenance, third‑party reviews \n
- Security awareness and phishing simulations — building a culture that actually sticks \n
- \n
- 3–6 years of security operations or cloud security experience \n
- Cloud security configuration knowledge — M365, Azure and/or AWS \n
- Practical vulnerability management — scanning, severity assessment, remediation tracking \n
- Risk communication — the ability to translate findings into plain English \n
- Foundational scripting ability — PowerShell, Python or similar \n
- Knowledge of security frameworks — NIST, ISO, CIS or equivalent \n
- Bonus: experience transitioning from outsourced to in‑house security models \n
You can operate in ambiguity without breaking a sweat. You push back when something’s wrong, but you do it with kindness. You take the work seriously and yourself less so. You genuinely enjoy helping people understand why security matters — not by scaring them, but by making it make sense. You care about doing good work in a place that does good things. And you’d very much like a nickname.
\nBenefits\n- \n
- Five weeks annual leave \n
- Discounts on Southern Cross health insurance \n
We are committed to having an accessible, diverse, inclusive, and barrier‑free work environment where everyone can reach their full potential.
\nYou must have the right to live and work in New Zealand to be considered for this job.