Description & Requirements
● Leading and driving efficiency within the Security Operations Center (SOC) through the strategic implementation of tools, processes, and automation.
● Optimising SOC processes: Identifying and eliminating unnecessary tasks, addressing issues like alert fatigue, and improving existing processes to enhance operational efficiency.
● Implementing automation initiatives: Defining clear outcomes for automation (e.g., reducing Mean Time To Detect/Respond) and guiding the team through a crawl-walk-run model to ensure understanding and manage risk effectively.
● Strategically planning and prioritising which SOC capabilities to uplift.
● Developing and empowering SOC talent: Establishing a career development model, providing training opportunities, and fostering flexibility to enhance analyst retention and development.
● Enhancing cloud security monitoring by working with other key stakeholders within the organisation.
● Fostering strong collaboration: Promoting information sharing across skillsets within the SOC and with other internal groups to ensure cohesive security operations and break down silos.
● Optimising existing tooling: Maximising the value derived from our current security tools, demonstrating efficient use of existing resources and people.
● Shifting to a proactive security posture: Moving beyond reactive ticket closure to enable the team to focus on proactive measures through technology and well-defined processes, including implementing regular threat hunting exercises, red team/blue team exercises, and external penetration testing.
● Improving SOC resilience: Addressing "fair-weather SOC" characteristics by ensuring the team can operate under pressure, has experience with major incidents (e.g. through tabletop exercises and testing automation under stress), and employs metrics that measure effectiveness "under fire".
Candidates will be evaluated primarily on their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
● 6+ years of experience working in a Security Operations team as a penetration tester, red team member, incident responder or security analyst.
● 3+ years of experience in a Cyber Security leadership role.
● Demonstrated experience in leading and transforming modern Security Operations Centers (SOCs), focusing on current best practices rather than outdated models.
● Proven track record of managing and developing security teams, including navigating challenges such as high workloads by improving processes and efficiency.
● Experience in strategic planning and prioritisation within a security operations context, particularly in resource-constrained environments.
Desired, but not required:
● BS or MA in computer science, information security, cybersecurity or a related field
● Experience with regulatory compliance and information security management frameworks (such as International Organization for Standardization [ISO] 27000, COBIT, National Institute of Standards and Technology [NIST] 800)
● Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM)
● Background in security consulting or large enterprise security operations is highly beneficial, as it provides an understanding of complex, layered environments.
- Wellbeing - Comprehensive medical insurance, life and income protection. Access to wellbeing coaches, EAP and in-house Specialist Clinical support through our leading Mahi Tahi Wellness programme.
- Hybrid ways of working - for most teams at Spark this means being in the office for 4 days a week, and 1 day being flexible.
- Leave - in addition to four weeks annual leave, we offer purchased leave, enhanced parental leave support and study leave.
- Spark Credit – we provide permanent employees with $120 monthly Spark credit to use on any of our amazing products.
- Spark Share scheme – periodically we offer the opportunity to buy into our share scheme.
- Career development – access to an internal marketplace that connects employees with experiential, on the job learning across Spark.