SecOps Analyst
Auckland, Auckland, New Zealand
Vista Group
Vista Group is the global leader in delivering software and data analytics solutions to the film industry. Our love for cinema and film drives the purpose and foundations that generate innovation for our customers.
Senior Security Analysts at Level 2 & Level 3 play a pivotal role in Vista’s Security Operations Centre (SOC), with a focus on proactive threat hunting, detailed forensic investigations, and end-to-end incident response management.
The role requires advanced skills in threat detection and mitigation, complemented by expertise in threat intelligence integration, incident lifecycle management, and collaboration across teams. Proficiency in using Machine Learning (ML), Generative AI (GenAI), and Agentic AI systems for threat detection, automation, and adaptive response is highly valued.
About the role
Core Security Operations
- Monitor security events in real-time using SIEM platforms, IDS/IPS, and EDR tools to detect and respond to anomalous activity.
- Conduct proactive threat hunting to identify indicators of compromise (IOCs), advanced persistent threats (APTs), and potential vulnerabilities in the organisation’s environment.
- Forensic analysis of compromised systems, networks, and applications to determine the root cause, scope, and impact of incidents.
- Manage the complete incident response lifecycle:
  - Triage and classify incidents, and execute containment strategies.
  - Lead major incident response efforts, including eradication, recovery, and post-incident reviews, ensuring root causes are addressed.
Proactive Threat Hunting and Forensics
- Perform deep-dive investigations to uncover undetected threats using advanced search capabilities and forensic tools.
- Analyse malware samples, logs, and network traffic to identify attack techniques, tactics, and procedures (TTPs).
- Continuously enhance detection and response capabilities by developing new threat detection rules, scripts, and automation workflows.
- Lead forensic investigations, leveraging tools like EnCase, FTK, or Autopsy to collect, analyse, and preserve digital evidence for internal or legal purposes.
Incident Response Management
- Establish and refine incident response playbooks to streamline workflows and improve incident-handling effectiveness.
- Collaborate with stakeholders across DevOps, ICT Operations, and Risk teams during live incidents to minimise impact and ensure swift resolution.
- Conduct post-incident reviews to identify lessons learned, root causes, and opportunities for improvement.
- Develop and implement automated incident response processes using SOAR platforms and AI-driven tools.
Threat Intelligence and Continuous Improvement
- Integrate threat intelligence feeds into SOC workflows to enhance visibility and detection capabilities.
- Conduct regular simulations of attack scenarios using techniques like red teaming, blue teaming, and purple teaming.
- Use insights from threat hunting and incidents to continuously improve security controls, detection rules, and playbooks.
Optional: Knowledge of AI and Emerging Technologies
- Implement ML models to enhance anomaly detection, behavioural profiling, and predictive risk analysis.
- Use Generative AI (GenAI) for automated creation of incident response playbooks, phishing simulations, and threat report generation.
- Deploy Agentic AI systems for autonomous threat detection, adaptive response execution, and dynamic risk prioritisation.
Additional Responsibilities
- Ensure compliance with regulatory and organisational standards (e.g., GDPR, ISO 27001, SOC 2, NIST CSF).
- Contribute to the creation of SOC metrics, dashboards, and monthly reports, providing insights into the security posture and operational maturity.
- Maintain and document forensic evidence, incident logs, and detection methodologies in a secure and consistent manner.
- Participate in regular security audits and assist in penetration testing efforts where necessary.
Requirements
Qualifications and experience:
- A degree in Cybersecurity, Computer Science, or related technical fields, or equivalent work experience
- Level 2: Minimum 1–3 years’ experience in SOC operations, incident response, and threat detection
- Level 3: Minimum 3–5 years’ experience, with proven expertise in advanced threat hunting, forensics, and managing critical incidents
- Familiarity with compliance frameworks such as ISO 27001, SOC 2, PCI DSS or NIST CSF
- Knowledge of DevOps / Repo, deployment pipelines, and approval processes for IaC (infrastructure as code)
- Understanding of distributed architecture, service mesh, and AKS or Kubernetes
- Experience in scripting or automation (e.g., Python, PowerShell) to improve detection and response capabilities
Optional but appreciated knowledge:
- Strong knowledge of Machine Learning (ML) for cybersecurity use cases, such as anomaly detection and user behavioural analytics (UBA)
- Familiarity with Generative AI (GenAI) tools for phishing simulations, report generation, and SOC task automation
- Experience with Agentic AI systems for autonomous incident response workflows and adaptive defence
- Hands-on experience with AI-powered SOC tools like Darktrace, Vectra AI, or SentinelOne
Certifications (preferred but not mandatory):
- Level 2: CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA)
- Level 3: Certified Information Systems Security Professional (CISSP), GIAC Certified Forensic Analyst (GCFA), or Certified Cyber Threat Hunter (CCTH)
We are currently only considering applicants with an existing right to work in NZ, without the need for employer sponsorship, for this position.
About Vista
Vista is a world-leading company that makes software for the cinema industry. Started in Auckland, New Zealand, over 25 years ago, we now serve cinemas, film distributors, and moviegoers worldwide.
Our HQ is in the City Works Depot in Auckland. We have offices and subsidiary companies in Sydney, Los Angeles, London, Amsterdam, Cape Town, Shanghai, Mexico City, and Kuala Lumpur. We use the latest technologies and offer a fun, agile and collaborative environment. We continue to innovate and build our reputation as one of the best Kiwi tech companies to work for.
Shared Standards
Our Shared Standards act as a compass for how we work together and reflect the behaviours we value at Vista Group. The way in which each member of our crew embodies these Shared Standards is an indicator for performance and success, as it aligns with our vision and strategy.
One Crew
- We're a diverse team, in different places and functions, and we're at our best when we connect, help and collaborate
Shine a Light
- We communicate openly, we explain the why, and we ask when we don't understand. We don't leave people in the dark
Make it Happen
- We make good things happen as people and as teams through our focus on delivery
Chase Great
- We challenge ourselves and each other to keep improving
Benefits
You will be supported to continually learn and improve your tech skills, share knowledge and ideas in the team, and be part of a dynamic and open culture.
We have a range of benefits that include:
- Excellent work/life balance, including a 4 ½ day working week
- Hybrid working (home and office based split, requiring regular weekly attendance in the Auckland office)
- Medical and Life insurance
- Extended sick leave, paid parental leave and wellness benefits
- Strong mentoring & career development focus
- Fun team events including the Vista Innovation cup and our Christmas party
If you enjoy a challenge and working in a dynamic and collaborative team, you’ll love working at Vista.
We value inclusivity, celebrate diversity and are committed to offering equal opportunity to our staff and candidates — regardless of gender, age, race, ethnicity, marital status, disability, sex, sexual orientation, religious or ethical beliefs, or political opinion. This commitment is reflected in all our employment policies and procedures.