Infosecurity Engineering Lead, Itss (3 Years Renewable Contract)

InfoSecurity Engineering Lead, ITSS (3 years renewable contract)

Agency for Science, Technology and Research – Queenstown

The InfoSecurity Engineering Lead in A

• STAR is a people manager role that owns the strategy, architecture, and hands on delivery of the organisation's security platforms and controls.

Leading an engineering team and reporting to the Deputy Director, the role designs, implements, and operates capabilities across Privileged Access Management (e.g., CyberArk), Endpoint Protection / EDR, SIEM / SOAR, Web Isolation, and Vulnerability Assessment, with a forward roadmap to enable Proxy based DLP.

The Lead partners closely with Divisions / Research Entities and stakeholders and to ensure these security controls integrate cleanly into the wider environment and support a Zero Trust aligned posture.

The Lead drives the engineering roadmap and backlog, contributes to Approval of Requirements (AOR) and budget planning, and ensures investments translate into measurable outcomes—coverage of crown jewel assets, risk reduction through hardening and privilege control, reliable platform operations, and faster detection and response.

The role also champions automation to reduce manual effort and improve consistency, embeds security by design in projects, and communicates risk, priorities, and progress clearly to senior stakeholders and business teams.

Core Responsibilities

Strategy & Architecture : Set the security platforms strategy and reference architectures for PAM (CyberArk), EPP / EDR, SIEM / SOAR, Web Isolation, Vulnerability Assessment, and the Proxy DLP roadmap; align to Zero Trust principles and business risk.

Platform Engineering & Operations : Own deployment, integration, and lifecycle management of security platforms; maintain OKRs, change management discipline, and clear runbooks / documentation.

Future Ready Controls : Plan and implement Proxy based DLP with staged pilots, measurable risk reduction, and minimal user friction.

Stakeholder Partnership & Change : Partner with IAM, infrastructure, application, network, and SOC teams to ensure clean integrations; lead change planning, communications, and enablement.

Governance, Audit & Compliance : Align platforms and processes with organisational policies and public sector obligations (e.g., audit, data protection); keep configurations, exceptions, and evidence current.

Procurement, AORs & Vendor Management : Lead technical inputs for AORs and multi year plans; define security requirements in RFPs / SOWs; manage vendor delivery to measurable SLAs.

People Leadership & Operating Model : Lead a small team of security engineers—hiring, coaching, performance, skills growth; set cadences (backlog, change windows, PIRs) and maintain a clear RACI with partner teams.

Requirements

Experience : 7+ years in security engineering at enterprise scale, including 2+ years leading engineers and / or vendors (people management, coaching, performance, and delivery accountability).

Platform depth (=2 areas) : PAM (CyberArk), EPP / EDR, SIEM / SOAR, Web Isolation, or Vulnerability Assessment—with a track record of delivering coverage and measurable risk reduction.

Communication : Crisp technical writing and senior level storytelling; ability to influence across engineering and business stakeholders.

Education : Bachelor's in Computer Science / Cybersecurity (or equivalent practical experience).

Experience : Microsoft security ecosystem.

Certifications : CISSP or CCSP and one of AZ 500 / SC 200 / SC 100 or CyberArk Defender / Sentry; PMP is a plus.

#J-