Own, engineer, and improve the Vista Cloud Cloudflare estate
Act as the technical owner for Vista Cloud’s Cloudflare environment across security, reliability, maintainability, and operational governance.
Design, implement, and maintain Cloudflare configurations for WAF, rules, policies, bot mitigation, rate limiting, access controls, and related protections.
Manage Cloudflare configuration changes through infrastructure-as-code, GitOps, version control, and controlled delivery pipelines.
Partner with Platform Engineering and Infrastructure teams to ensure Cloudflare is integrated cleanly into Vista Cloud’s broader platform architecture.
Provide engineering ownership and operational support for Vista’s security tooling estate, including Elastic SIEM, Sysdig, Intruder.io, SOCRadar, Upwind, Nwebbed, and other current or future platforms as required.
Maintain platform health, configuration standards, integration quality, access controls, and engineering hygiene across the security stack.
Support onboarding, tuning, lifecycle management, and optimisation of security tools.
Create and maintain standards, documentation, and runbooks that support operational continuity and clear ownership.
Design, implement, and refine detection logic and Detection-as-Code use cases.
Work with internal stakeholders and vendors to ensure security platforms are configured appropriately.
Collaborate with Platform Engineering, Infrastructure, Application Security, product, and engineering teams to ensure security controls are practical, scalable, and well integrated.
Support incident response, investigations, tuning, and operational improvements.
Requirements
Strong hands-on experience administering and engineering enterprise Cloudflare environments.
Proven experience managing platform or security configuration through infrastructure-as-code, GitOps, CI/CD pipelines, automation, and change control.
Strong background in cloud security engineering, platform security, security operations engineering, or a closely related discipline.
Practical experience with SIEM, runtime security, vulnerability management, threat intelligence, or other security tooling platforms.
Ability to work across engineering, operations, and security teams in a pragmatic and delivery-focused way.
Strong documentation, runbook, and operational handover discipline.
Detection engineering experience, including Detection-as-Code, version control, automated testing, and CI/CD practices for detection content.
Familiarity with MITRE ATT&CK, threat-informed defence, detection lifecycle management, incident response, and post-incident control improvement.
Relevant cloud, security, Cloudflare, SIEM, or security operations certifications are advantageous but not mandatory.
We are currently only considering applicants with an existing right to work in NZ, without the need for employer sponsorship, for this position.
Tech Stack
Cloud
Benefits
Excellent work/life balance, including a 4½-day working week
Hybrid working (home and office-based split, requiring 1-2 days attendance per week in the Auckland office)
Medical and life insurance (after qualifying period)
Volunteer day, enhanced paid parental leave and wellness benefits
Strong mentoring & career development focus
Fun team events including the Vista Innovation Cup