# Senior Security Engineer - Cloudfare & Detection > Vista Group · Auckland, New Zealand (Hybrid) · Full-time · Posted 2026-06-22 **Workplace:** hybrid **Department:** Platform Operations ## Description As a Senior Security Engineer – Cloudflare & Security Platforms you'll be responsible for owning, engineering, and continuously improving the Vista Cloud Cloudflare estate as a core security and platform capability, within Platform Operations. The role is primarily focused on ensuring Cloudflare is well governed, secure, reliable, and managed through repeatable engineering practices, including infrastructure-as-code, GitOps, controlled delivery pipelines, and strong operational documentation. You will also provide engineering ownership and support across Vista’s security tooling stack, including SIEM, runtime security, vulnerability management, threat intelligence, and related security platforms. Detection engineering remains a valuable adjacent capability, helping improve alert quality, reduce false positives, and strengthen operational runbooks, but the primary focus of the role is Cloudflare and security platform engineering. **About the role** **Cloudflare Platform Ownership** - Act as the technical owner for Vista Cloud’s Cloudflare environment across security, reliability, maintainability, and operational governance. - Design, implement, and maintain Cloudflare configurations for WAF, rules, policies, bot mitigation, rate limiting, access controls, and related protections. - Manage Cloudflare configuration changes through infrastructure-as-code, GitOps, version control, and controlled delivery pipelines. - Reduce manual configuration drift by ensuring production changes are delivered through approved engineering processes rather than direct UI changes wherever practical. - Partner with Platform Engineering and Infrastructure teams to ensure Cloudflare is integrated cleanly into Vista Cloud’s broader platform architecture. **Security Platform Engineering** - Provide engineering ownership and operational support for Vista’s security tooling estate, including Elastic SIEM, Sysdig, Intruder.io, SOCRadar, Upwind, Nwebbed, and other current or future platforms as required. - Maintain platform health, configuration standards, integration quality, access controls, and engineering hygiene across the security stack. - Support onboarding, tuning, lifecycle management, and optimisation of security tools to improve operational value and reduce alert noise. - Work with internal stakeholders and vendors to ensure security platforms are configured appropriately for Vista’s security and operational needs. - Create and maintain standards, documentation, and runbooks that support operational continuity and clear ownership. **Detection Engineering and Threat-Informed Improvement** - Design, implement, and refine detection logic and Detection-as-Code use cases where they improve Vista’s security operations capability. - Use version control, automated testing, and CI/CD practices to manage detection content and related security engineering changes. - Improve detection fidelity, reduce false positives, and support better signal engineering across relevant security platforms. - Align detection improvements to threat-informed approaches such as MITRE ATT&CK, threat models, and observed attack patterns where appropriate. - Support threat intelligence integration, contextualisation, and continuous tuning of detections over time. **Collaboration and Security Enablement** - Work closely with Platform Engineering, Infrastructure, Application Security, product, and engineering teams to ensure security controls are practical, scalable, and well integrated. - Support incident response, investigations, tuning, and operational improvements relating to Cloudflare and the security platform estate. - Help shape engineering standards, runbooks, change controls, and operational practices for Cloudflare and related security systems. - Contribute to secure-by-design improvements across the platform where Cloudflare and related tooling intersect with delivery teams. ## Requirements **About you** _**Core skills and experience:**_ - Strong hands-on experience administering and engineering enterprise Cloudflare environments. - Proven experience managing platform or security configuration through infrastructure-as-code, GitOps, CI/CD pipelines, automation, and change control. - Strong background in cloud security engineering, platform security, security operations engineering, or a closely related discipline. - Practical experience with SIEM, runtime security, vulnerability management, threat intelligence, or other security tooling platforms. - Ability to work across engineering, operations, and security teams in a pragmatic and delivery-focused way. - Strong documentation, runbook, and operational handover discipline. _**Highly desirable:**_ - Detection engineering experience, including Detection-as-Code, version control, automated testing, and CI/CD practices for detection content. - Familiarity with MITRE ATT&CK, threat-informed defence, detection lifecycle management, incident response, and post-incident control improvement. - Relevant cloud, security, Cloudflare, SIEM, or security operations certifications are advantageous but not mandatory. _**We are currently only considering applicants with an existing right to work in NZ, without the need for employer sponsorship, for this position.**_ **About Vista** Vista is a world-leading company that makes software for the cinema industry. Started in Auckland, New Zealand, over 25 years ago, we now serve cinemas, film distributors, and moviegoers worldwide. Our HQ is in the City Works Depot in Auckland. We have offices and subsidiary companies in Sydney, Los Angeles, London, Amsterdam, Cape Town, Shanghai, Mexico City, and Kuala Lumpur. We use the latest technologies and offer a fun, agile and collaborative environment. We continue to innovate and build our reputation as one of the best Kiwi tech companies to work for. **Shared Standards**  Our Shared Standards act as a compass for how we work together and reflect the behaviours we value at Vista Group. The way in which each member of our crew embodies these Shared Standards is an indicator for performance and success, as it aligns with our vision and strategy.    **One Crew**  - We're a diverse team, in different places and functions, and we're at our best when we connect, help and collaborate   **Shine a Light**  - We communicate openly, we explain the why, and we ask when we don't understand. We don't leave people in the dark  **Make it Happen**  - We make good things happen as people and as teams through our focus on delivery  **Chase Great**  - We challenge ourselves and each other to keep improving ## Benefits You will be supported to continually learn and improve your tech skills, share knowledge and ideas in the team, and be part of a dynamic and open culture. We have a range of benefits that include: - Excellent work/life balance including a 4 ½ day working week - Hybrid working (home and office-based split, requiring 1-2 days attendance per week in the Auckland office) - Medical and Life insurance (after qualifying period) - Volunteer day, enhanced paid parental leave and wellness benefits - Strong mentoring & career development focus - Fun team events including the Vista Innovation Cup If you enjoy a challenge and working in a dynamic and collaborative team, you’ll love working at Vista. _We value inclusivity celebrate diversity and are committed to offering equal opportunity to our staff and candidates — regardless of gender, age, race, ethnicity, marital status, disability, sex, sexual orientation, religious, ethical beliefs or political opinion. This commitment is reflected in all our employment policies and procedures._ ## Apply [Apply at Vista Group](https://apply.workable.com/vista-group/j/AC92D226F4/apply) --- Powered by [Workable](https://www.workable.com)