Spark NZ
Security Engineer – Network Security
Who are we
Spark’s Security Infrastructure Internal team supports and protects the Spark’s Infrastructure security and WiFi environments of some of New Zealand’s largest organisations. We manage complex, high-value infrastructures and ensure security, resilience, and availability so our customers and New Zealand can win big in a digital world.
About the Role
As a Security Engineer, you will play a key role in delivering, securing, and automating Spark’s security infrastructure platforms across enterprise and commercial environments. You will work with technologies such as Next-Generation Firewalls, Application Delivery Controllers, cloud-native security services, and enterprise Wi-Fi platforms.
You will also help drive Spark’s evolution toward infrastructure-as-code, AI-assisted network security operations, and data-driven continuous improvement. This role offers significant scope for technical growth, leadership, and innovation.
Key Responsibilities
- Minimum 5+ years of experience in Design and supporting core security platforms including Next-Gen Firewalls, ADC/WAF, DNS, Web Proxies, and Wi-Fi security.
- Manage lifecycle, capacity, and vulnerabilities across security systems.
- Build and automate cloud-based security controls using Terraform, Git, and CI/CD.
- Develop and maintain IaC modules for firewalls, WAFs, proxies, and wireless platforms.
- Deliver secure enterprise Wi-Fi solutions, including RF design, authentication (802.1X/WPA3), and performance troubleshooting.
- Support risk, compliance, and audit activities (PCI DSS, CIS, NZISM).
- Collaborate across cloud, network, and business teams; contribute to documentation and continuous improvement.
Collaboration & Leadership
- Work closely with cloud, network, wireless, and business teams to deliver secure, scalable solutions.
- Mentor team members and contribute to continuous improvement initiatives.
- Communicate technical insights in clear, business-aligned language.
Operational Expectations
- Manage and prioritise workload effectively in a dynamic environment.
- Participate in on-call rotations and after-hours work as required.
Skills and Experience
Security & Networking
- Minimum 5+ years of experience in a network security role, ideally within an MSSP environment.
- Minimum 5+ years of Hands-on experience with Fortinet, Check Point, Palo Alto, and F5 technologies.
- Strong understanding of routing, switching, IPS/IDS, and micro-segmentation.
- Solid knowledge of TCP, UDP, HTTP, and application behaviour.
- Minimum 5+ years of Experience in designing enterprise Wi-Fi networks including RF planning and site surveys, Aruba wireless controllers.
- Deep Knowledge of Wi-Fi security standards (WPA3-Enterprise, 802.1X, EAP methods).
- Ability to analyse wireless packet captures and troubleshoot RF issues.
Cloud & Automation
- Minimum 2+ years of Experience with Terraform, IaC, and automated deployment pipelines.
- Familiarity with cloud security services across Azure or AWS.
- Experience automating firewall, WAF, proxy, Wi-Fi, or DNS configurations.
AI & Security Analytics
- Exposure to AI/ML tools for firewall optimisation, vulnerability prioritisation, anomaly detection, or log enrichment.
- Ability to integrate AI-driven insights into operational workflows.
Application Delivery & Proxy Technologies
- Experience with F5/NetScaler or similar ADC technologies.
- Knowledge of load balancing, access management, GSLB, DNS, and advanced WAF.
Certifications Terraform Associate (HashiCorp) – Mandatory
At least two of the following certifications are preferred:
- Fortinet NSE4+, Check Point CCSA/CCSE, or Palo Alto PCNSE
- Azure Security Engineer (AZ-500) or AWS Security Specialty
- Additional beneficial certifications: Aruba ACMA/ACMP, Ekahau Certified Solution Engineer - ECSE (Wi-Fi design and wireless security)
Diversity and Inclusion: Te Kanorau me te Whakawhāiti mai
At Spark, we are constantly looking for ways to build a more inclusive culture. Our vision is for diversity and inclusion to be "how things are done at Spark", embedded into our day-to-day activities, standards, and business practices. We want you to feel totally comfortable bringing your whole self to work regardless of your gender, ethnicity, orientation, age, or ability.
Sustainability: Toitū
Sustainability is a key focus for us. We are dedicated to supporting Aotearoa New Zealand's recovery and economic transformation. The principle of equity is at the very heart of our approach, and we remain committed to working in partnership to make a positive contribution to digital equity in line with our focus on Diversity and Inclusion.
Benefits: Awhina
Our people matter and we make sure we look after them. As a valued employee of Spark, we've got our people covered with a range of leading benefits including:
- Wellbeing - Comprehensive medical insurance, life and income protection. Access to wellbeing coaches, EAP and in-house Specialist Clinical support through our leading Mahi Tahi Wellness programme.
- Hybrid ways of working - for most teams at Spark this means being in the office for 4 days a week, and 1 day being flexible.
- Leave - in addition to four weeks annual leave, we offer purchased leave, enhanced parental leave support and study leave.
- Spark Credit – we provide permanent employees with $120 monthly Spark credit to use on any of our amazing products.
- Spark Share scheme – periodically we offer the opportunity to buy into our share scheme.
- Career development – access to an internal marketplace that connects employees with experiential, on the job learning across Spark.
Due to the nature and urgency of this role, we are only considering applicants that are based in New Zealand with permanent residency, citizenship, or a valid work visa (with at least 18 months remaining).