Tally Group is a high growth company with great backing, who are looking to level up the utilitech landscape across NZ within the booming traditional and renewable energy sectors. They are on a journey to build software and analytics solutions for the next generation of energy retailers with the vision of becoming a leading global provider of utilitech, and they are on the lookout for the people who will help make that happen.
Company profile:
At Tally Group, they put energy into building world-leading technology for the utilities sector. They want to transform how people power their homes and businesses, and in turn reinvent how energy retailers operate. Tally is a cloud-native SaaS provider with clients across the globe. They offer a comprehensive suite of innovative billing, digital and analytics solutions designed to meet globally diverse market and regulatory requirements, empower customers and reduce cost-to-serve.
The role:
- Manage, maintain and execute operational security processes.
- Monitor our environment to identify security events or changes to the security risk profile.
- Maintain security technologies appropriate to the environment and security control requirements.
- Lead response and internal investigations for security incidents.
- Identify gaps or the need for additional controls and governance practices.
- Act as the designated information security officer.
- Work with external partners to carry out regular penetration testing of the environments and security audits.
- Contribute to compliance reporting and audit processes as required.
- Work with the broader technology team and organisation to raise the maturity of our information Security.
- Support sales teams in new business development opportunities - RFI, RFQ.
Knowledge and skills:
- 4+ years IT Security Analyst / Consultant Experience.
- 7+ years in Information Technology related field.
- Experience in implementation and operation of security controls in an enterprise environment.
- Skills in conducting incident responses and investigations.
- Ability to monitor and identify security risks and threats.
- Excellent collaboration and stakeholder management skills.
- Experience with endpoint security such as Microsoft Intune.
- Use and implementation of SIEM tools e.g. Azure Sentinel, Splunk, Elastic.
- Experience in designing AD, application security roles to provide separation of duty.
- Ability to design security controls to address risks and emerging threats.
- Knowledge of Industry risk management frameworks including ISO27001/ 27002, SOC 2, NIST, The Australian Energy Sector Cyber Security Framework (AESCSF).
- Knowledge of Australian Government Information Security Manual (ISM), Essential 8 and Protective Security Policy Framework (PSPF).
- Information security technology including WAF, IDS, SSO, SIEM, Anti-malware.
- Knowledge of application development security frameworks such as SANS TOP 25, OWASP TOP 10.
If this sounds like you, click apply now or reach out at matt@potentia.co.nz for a confidential chat on the position.