FirstCape is one of New Zealand’s largest and best resourced wealth advisory and asset management business, creating an enhanced and broadened product offering to help our clients achieve their goals at whatever stage of their investment life cycle. Here at FirstCape, we believe that our people are our greatest asset. Our success is dependent on the collective talent, expertise, and dedication of each and every one of our team members. We are committed to creating an environment where everyone can thrive, grow, and contribute to their fullest potential.
Job Description
About the opportunity | Mo te whai waahi
As Senior Security Engineer, you will be a technical leader driving the design, implementation, and continuous improvement of FirstCape’s security architecture, controls, and incident response capabilities.
You will use the NIST Cybersecurity Framework as your north star, ensuring all technical solutions and practices are mapped to its functions and categories. You will be a key contributor to the design and ratification of security policies and standards, influencing technical tooling and operational practices. Day-to-day SOC operations will be managed externally, but you will operate and enhance FirstCape’s SIEM, ensuring robust detection, response, and reporting.
Ultimately, FirstCape is to be recognised for security innovation and leadership in NZ financial services.
Key Responsibilities | Ngā Kawenga Mahi
Lead technical design and implementation of security controls mapped to NIST CSF functions
Architect, deploy, and maintain FirstCape’s SIEM platform, integrating with external SOC and consolidating existing tooling
Act as technical lead for incident detection, response, and threat hunting, leveraging SIEM and SOC outputs
Contribute to the design and ratification of security policies, standards, and processes, ensuring they are practical, effective, and NIST-aligned
Collaborate with developers and IT teams to embed security into SDLC and DevOps practices
Mentor and coach junior staff, fostering a culture of continuous improvement and innovation
Research, evaluate, and recommend new security technologies and practices to uplift maturity across NIST CSF categories
Present findings, risks, and recommendations to technical and non-technical audiences, including senior leadership
Maintain awareness of emerging threats, technologies, and regulatory requirements relevant to NZ financial services
Ensuring security controls and architecture are robust, scalable, and mapped to NIST CSF functions
Desired Skills and Experience
What you will bring to the role | He aha ka kawea e koe ki te mahi
We require that you have:
Proven experience in security engineering, architecture, and operations (5+ years preferred)
Advanced skills in SIEM operation, integration, and optimisation
Experience working with external SOCs and managing vendor relationships
Strong background in penetration testing, vulnerability research, and incident response
Programming and DevOps skills (Python, TypeScript, C#, Java, CI/CD, containerisation)
Deep understanding of cloud security, Active Directory, cryptography, and Zero Trust principles
Excellent communication, stakeholder engagement, and report writing skills
Bachelor’s degree in Computer Science or related field; relevant certifications (CISSP, CISM, CEH, etc.) highly regarded
Desirable but not essential:
Experience in financial services or regulated environments
Published research, open-source contributions, or recognised vulnerability disclosures
Familiarity with NIST CSF, NZISM, and NZ financial sector compliance requirements
Why work at FirstCape? | He aha mahi i te FirstCape?
We offer a competitive compensation package commensurate with experience. Additional benefits include wellbeing support, volunteer days and a great company culture. We pride ourselves on offering our employees outstanding development and learning opportunities to support career growth, and the opportunity to work alongside the best talent in the market.
We are an inclusive employer and want our workforce to reflect a rich and diverse way of thinking and working. We know people are more than a single identity and the qualities that make each one of us unique need to be valued and embraced. So regardless of your gender, age, background or how you choose to identify, there's room for you to realise your potential here. And importantly, there's room to be yourself.
We’re also committed to providing equal opportunities to all candidates. Let us know if you have any accessibility requirements so we can work with you to make adjustments where possible to support your application. Alternatively, if you don’t meet all the requirements of the role but think you would be a great candidate, please apply explaining why you want the role, how you think your skills or background are transferable, and how you plan to upskill where needed (we will support you with this, but want to know you have thought about this too).
To be eligible to apply, you must have the right to work in New Zealand. Please note candidate screening and interviews may be conducted prior to the closing date of the job advert.
.jpg){kind=logo}