Senior Cybersecurity Specialist (DevSecOps/ Vulnerability Management/ Cloud/ WAF)
Back to Jobs
Air New ZealandGet Smart Job AI Coach in the appFree on iOS and Android 






Senior Cybersecurity Specialist (DevSecOps/ Vulnerability Management/ Cloud/ WAF)
Location
Auckland, Auckland, New Zealand
Experience
Senior
Posted
Jul 7, 2026
Apply by
August 6, 2026
Applicants
0
Early applicantFull-timeWork from Office
Job Description
## Job Description
**Kia ora!**
Help protect one of New Zealand’s most recognised brands. As a Senior Cybersecurity Specialist, you'll strengthen our security capability by improving cloud security, embedding DevSecOps practices, and reducing cyber risk across the business.
Air New Zealand is on an accelerated journey to become the world's leading digital airline. You'll join a collaborative Cyber Security team that works across our Digital function to build secure, resilient technology that supports millions of customer journeys.
**About the role**
- Identify security vulnerabilities and risks, and support remediation planning and prioritisation.
- Support and enhance SDLC security tooling (for example, SAST and SCA) to enable DevSecOps practices.
- Implement and improve cloud security controls.
- Monitor, review and maintain WAF rules and performance.
- Monitor compliance with security controls for outsourced infrastructure providers.
- Analyse security metrics and produce security health reports to support decision-making.
- Monitor security incidents and events using security tools, and coordinate resolution with internal and external teams.
- Participate in security incident response and resolution activities.
- Maintain and publish security policies, standards, processes and guidelines.
- Provide security analysis, reporting and insights through research, security metrics, SIEM alerts and incident data.
**What we're looking for**
- 4+ years' experience in cybersecurity, with expertise in vulnerability management and threat, risk and security analysis.
- Experience with DevSecOps practices and security tooling, including SAST, SCA and secure SDLC processes.
- Strong knowledge of cloud security engineering, cloud technologies and hybrid (cloud and on-premise) network environments.
- Experience managing and monitoring WAFs, including DDoS protection, and security monitoring platforms such as SIEM.
- Strong understanding of security incident response, security governance and security control frameworks.
- Sound knowledge of core security concepts and principles, including identity and access management, defence in depth, least privilege and segregation of duties.
- Awareness of current security technologies, architecture patterns, penetration testing methodologies and common attack techniques.
- Relevant security or cloud certifications preferred (for example, AWS, CISSP or equivalent).
If you meet the majority of the criteria and are excited by the opportunity, we'd love to hear from you.
**What we can offer you**
We want our people to live their best lives and access great benefits that support them inside and outside of work.
- Discounted staff travel for you and your whānau.
- FlexiLeave, giving you the option to purchase up to four extra weeks of leave.
- Learning and development opportunities to support your career growth.
- Access to wellbeing support and a wide range of employee discounts.
**Take flight and apply now!**
If you're passionate about cybersecurity and want to help shape secure digital experiences at enterprise scale, we'd love to hear from you.
Please kindly note this role is classified as safety sensitive. The successful candidate will be required to complete additional vetting checks and must meet and maintain the standards required for operational safety and regulatory compliance throughout their employment.
**Applications close 22 July 2026**
## Additional Information
At Air New Zealand, we are proudly committed to diversity, equity and inclusion and believe in creating a truly inclusive workplace where everyone can be themselves and thrive. Our people are our greatest asset – because while everything else we do in our operation can be replicated by our competitors, it is our people that truly set us apart. We are firm believers in celebrating the differences and diversity of thought our people bring to their roles.
**Whāia te pae tawhiti kia tata. Ko te pae tata whakamaua, kia tina.**
**"Seek to bring distant horizons closer. Once near, seize them and make them your reality."**
Key Responsibilities
- Identify security vulnerabilities and risks and support remediation planning.
- Support and enhance SDLC security tooling such as SAST and SCA.
- Implement and improve cloud security controls.
- Monitor, review, and maintain WAF rules and performance.
- Monitor compliance with security controls for outsourced infrastructure providers.
- Analyse security metrics and produce security health reports.
- Monitor security incidents and coordinate resolution with internal and external teams.
- Participate in security incident response and resolution activities.
- Maintain and publish security policies, standards, processes, and guidelines.
- Provide security analysis, reporting, and insights through research and SIEM alerts.
Skills Required
Vulnerability ManagementThreat AnalysisRisk AnalysisDevSecOpsSASTSCACloud Security EngineeringWAF ManagementDDoS ProtectionSIEMSecurity Incident ResponseSecurity GovernanceIdentity and Access ManagementPenetration TestingCollaborationAnalytical ThinkingCommunication
Benefits
- Discounted staff travel
- FlexiLeave
- Learning and development opportunities
- Wellbeing support
- Employee discounts
App exclusive · Free
Smart Job AI Coach
Your personal interview coach on every job — readiness tips, profile improvements, and role-specific prep. Available only in the Pulse Job app.
Interview readiness
See how prepared you are and what to improve for each role.
Personalized tips
Actionable suggestions based on your profile and the job.
After you apply
Keep coaching momentum from job detail through application success.
Similar roles for you
Matched using this role's title and skills. Open the job search anytime to see every listing.

Vulnerability Management Engineer
Workstreet
Full-timeWork from Home
IndiaMid

Senior Backend Developer (Hybrid Toronto)
Capco
118,000–135,000 / Year
Full-timeEasy applyHybrid
Canada - TorontoSenior

Incident Response Senior Engineer
Twilio
Full-timeEasy applyWork from Home
Remote - IrelandSenior

Sr. Software Engineer I, Cloud Security Platform
Samsara
Full-timeEasy applyWork from Home
Remote - UKSenior

Information Security Engineer - Vulnerability Management
Starling
Full-timeEasy applyHybrid
SouthamptonMid

Information Security Engineer - Vulnerability Management
Starling
Full-timeEasy applyHybrid
LondonMid