Senior Cybersecurity AppSec Specialist

At Air New Zealand, we are building back better as we connect friends and whānau all over Aotearoa to each other and reconnect Kiwi's to the World. Air New Zealand's cyber security team assures that the confidentiality, integrity, and availability of our Information Assets and Systems are maintained. 

We are looking for a driven Senior Cybersecurity AppSec Specialist (Internal Job Title: Senior Cybersecurity Specialist) to assist the team with security monitoring, and threat intelligence and to provide modelling security requirements and metrics to ensure the business is protected and supported in complying with procedures, regulations, and standards. 

What will you be working on?

• Conduct security assessments against Air New Zealand assets, such as Web and Mobile Applications, API's, and Infrastructure 
• Collaborate on security testing needs with a focus on scoping test boundaries and defining rules of engagement and entry requirements
• Coordinate penetration tests with internal and external stakeholders across the business. Work with external security partners to manage penetration testing end-to-end
• Assist in security monitoring, threat, and vulnerability management activities across functions. Assist in the management of security compliance and audit processes 
• Participate in the security incident response process to ensure issues are addressed and resolved effectively to enable business outcomes to be achieved
• Review Security Assurance reports, and liaise with development teams, risk teams, and the broader Cyber team. Provide input and SME guidance on adapting and maintaining the security assurance program as priorities and threats evolve

To be successful in this role we are looking for the following:

• 3-5 years experience in technical penetration testing or a similar role
• Experience in Penetration Testing of web-based applications or API's
• Strong knowledge of OWASP and other security testing frameworks
• Experience with commonly used Penetration Testing tools and methodologies, including Burp Suite, Kali, Tenable, Metasploit, and Malware Analysis tooling
• Experience with SCA/SAST and Digital Forensics tools is also desirable but not essential
• Able to create and deliver the Security Assurance/Pen Testing program and activities
• Working knowledge of implementing or testing security in Cloud Platforms 
• Passionate for cyber security and enthusiasm to elevate cyber security within a business. 
• A can-do attitude with high levels of initiative. Excellent interpersonal/communication skills, both verbal and written. 

Passionate and looking to expand your existing Cyber security experience? Apply online now! 

At Air New Zealand, we are proudly committed to diversity, equity and inclusion and believe in creating a truly inclusive workplace where everyone can be themselves and thrive. Our people are our greatest asset – because while everything else we do in our operation can be replicated by our competitors, it is our people that truly set us apart. We are firm believers in celebrating the differences and diversity of thought our people bring to their roles. We encourage candidates from diverse backgrounds, including those with a disability, additional health and mental health needs, and/or are neurodiverse to apply for our roles.

If you have encountered any accessibility barriers and require further information or reasonable accommodations to our recruitment process, please reach out to the recruiter listed on this job advert so they are able to support you to freely participate equitably in our recruitment and selection process.

Whāia te pae tawhiti kia tata. Ko te pae tata whakamaua, kia tina.

"Seek to bring distant horizons closer. Once near, seize them and make them your reality."