Posted 16 July, 2026
Senior Security Engineer - Cloudfare & Detection
Vista
Auckland, AUK, NZ
Full Time
Reference: e823831acb7fea17
Job Description
As a Senior Security Engineer - Cloudflare & Security Platforms you will own, engineer, and continuously improve the Vista Cloud Cloudflare estate as a core security and platform capability within Platform Operations. The role is primarily focused on ensuring Cloudflare is well governed, secure, reliable, and managed through repeatable engineering practices, including infrastructure-as-code, GitOps, controlled delivery pipelines, and strong operational documentation. Responsibilities Cloudflare Platform Ownership Act as the technical owner for Vista Cloud’s Cloudflare environment across security, reliability, maintainability, and operational governance. Design, implement, and maintain Cloudflare configurations for WAF, rules, policies, bot mitigation, rate limiting, access controls, and related protections. Manage Cloudflare configuration changes through infrastructure-as-code, GitOps, version control, and controlled delivery pipelines. Reduce manual configuration drift by ensuring production changes are delivered through approved engineering processes rather than direct UI changes wherever practical. Partner with Platform Engineering and Infrastructure teams to ensure Cloudflare is integrated cleanly into Vista Cloud’s broader platform architecture. Security Platform Engineering Provide engineering ownership and operational support for Vista’s security tooling estate, including Elastic SIEM, Sysdig, Intruder.io, SOCRadar, Upwind, Nwebbed, and other current or future platforms as required. Maintain platform health, configuration standards, integration quality, access controls, and engineering hygiene across the security stack. Support onboarding, tuning, lifecycle management, and optimisation of security tools to improve operational value and reduce alert noise. Work with internal stakeholders and vendors to ensure security platforms are configured appropriately for Vista’s security and operational needs. Create and maintain standards, documentation, and runbooks that support operational continuity and clear ownership. Detection Engineering and Threat‑Informed Improvement Design, implement, and refine detection logic and Detection‑as‑Code use cases where they improve Vista’s security operations capability. Use version control, automated testing, and CI/CD practices to manage detection content and related security engineering changes. Improve detection fidelity, reduce false positives, and support better signal engineering across relevant security platforms. Align detection improvements to threat‑informed approaches such as MITRE ATT&CK, threat models, and observed attack patterns where appropriate. Support threat intelligence integration, contextualisation, and continuous tuning of detections over time. Collaboration and Security Enablement Work closely with Platform Engineering, Infrastructure, Application Security, product, and engineering teams to ensure security controls are practical, scalable, and well integrated. Support incident response, investigations, tuning, and operational improvements relating to Cloudflare and the security platform estate. Help shape engineering standards, runbooks, change controls, and operational practices for Cloudflare and related security systems. Contribute to secure‑by‑design improvements across the platform where Cloudflare and related tooling intersect with delivery teams. Requirements Core skills and experience Strong hands‑on experience administering and engineering enterprise Cloudflare environments. Proven experience managing platform or security configuration through infrastructure‑as‑code, GitOps, CI/CD pipelines, automation, and change control. Strong background in cloud security engineering, platform security, security operations engineering, or a closely related discipline. Practical experience with SIEM, runtime security, vulnerability management, threat intelligence, or other security tooling platforms. Ability to work across engineering, operations, and security teams in a pragmatic and delivery‑focused way. Strong documentation, runbook, and operational handover discipline. Highly desirable Detection engineering experience, including Detection‑as‑Code, version control, automated testing, and CI/CD practices for detection content. Familiarity with MITRE ATT&CK, threat‑informed defence, detection lifecycle management, incident response, and post‑incident control improvement. Relevant cloud, security, Cloudflare, SIEM, or security operations certifications are advantageous but not mandatory. We are currently only considering applicants with an existing right to work in NZ, without the need for employer sponsorship, for this position. Benefits Excellent work/life balance including a 4 ½ day working week Hybrid working (home and office‑based split, requiring 1‑2 days attendance per week in the Auckland office) Medical and Life insurance (after qualifying period) Volunteer day, enhanced paid parental leave and wellness benefits Strong mentoring & career development focus Fun team events including the Vista Innovation Cup We value inclusivity celebrate diversity and are committed to offering equal opportunity to our staff and candidates — regardless of gender, age, race, ethnicity, marital status, disability, sex, sexual orientation, religious, ethical beliefs or political opinion. This commitment is reflected in all our employment policies and procedures. #J-18808-Ljbffr