Information Security Tech Lead

Job type
NZD140000 - NZD170000 per annum
The opportunity:
Tally Group is a high growth company with great backing, who are looking to level up the utilitech landscape across NZ within the booming traditional and renewable energy sectors. They are on a journey to build software and analytics solutions for the next generation of energy retailers with the vision of becoming a leading global provider of utilitech, and they are on the lookout for the people who will help make that happen.
Company profile:
At Tally Group, they put energy into building world-leading technology for the utilities sector. They want to transform how people power their homes and businesses, and in turn reinvent how energy retailers operate. Tally is a cloud-native SaaS provider with clients across the globe. They offer a comprehensive suite of innovative billing, digital and analytics solutions designed to meet globally diverse market and regulatory requirements, empower customers and reduce cost-to-serve.
The role:
  • Manage, maintain and execute operational security processes.
  • Monitor our environment to identify security events or changes to the security risk profile.
  • Maintain security technologies appropriate to the environment and security control requirements.
  • Lead response and internal investigations for security incidents.
  • Identify gaps or the need for additional controls and governance practices.
  • Act as the designated information security officer.
  • Work with external partners to carry out regular penetration testing of the environments and security audits.
  • Contribute to compliance reporting and audit processes as required.
  • Work with the broader technology team and organisation to raise the maturity of our information Security.
  • Support sales teams in new business development opportunities - RFI, RFQ.
Knowledge and skills:
  • 4+ years IT Security Analyst / Consultant Experience.
  • 7+ years in Information Technology related field.
  • Experience in implementation and operation of security controls in an enterprise environment.
  • Skills in conducting incident responses and investigations.
  • Ability to monitor and identify security risks and threats.
  • Excellent collaboration and stakeholder management skills.
  • Experience with endpoint security such as Microsoft Intune.
  • Use and implementation of SIEM tools e.g. Azure Sentinel, Splunk, Elastic.
  • Experience in designing AD, application security roles to provide separation of duty.
  • Ability to design security controls to address risks and emerging threats.
  • Knowledge of Industry risk management frameworks including ISO27001/ 27002, SOC 2, NIST, The Australian Energy Sector Cyber Security Framework (AESCSF). 
  • Knowledge of Australian Government Information Security Manual (ISM), Essential 8 and Protective Security Policy Framework (PSPF).
  • Information security technology including WAF, IDS, SSO, SIEM, Anti-malware.
  • Knowledge of application development security frameworks such as SANS TOP 25, OWASP TOP 10.
If this sounds like you, click apply now or reach out at for a confidential chat on the position.