
SecOps Analyst

Senior Security Analysts at Level 2 & Level 3 play a pivotal role in Vista’s Security Operations Centre (SOC), with a focus on proactive threat hunting, detailed forensic investigations, and end-to-end incident response management.

The role requires advanced skills in threat detection and mitigation, complemented by expertise in threat intelligence integration, incident lifecycle management, and collaboration across teams. Proficiency in using Machine Learning (ML), Generative AI (GenAI), and Agentic AI systems for threat detection, automation, and adaptive response is highly valued.

About the role

Core Security Operations

  • Monitor security events in real-time using SIEM platforms, IDS/IPS, and EDR tools to detect and respond to anomalous activity.
  • Conduct proactive threat hunting to identify indicators of compromise (IOCs), advanced persistent threats (APTs), and potential vulnerabilities in the organisation’s environment.
  • Perform forensic analysis of compromised systems, networks, and applications to determine the root cause, scope, and impact of incidents.
  • Manage the complete incident response lifecycle:
      1. Triage and classify incidents, and execute containment strategies.
      2. Lead major incident response efforts, including eradication, recovery, and post-incident reviews, ensuring root causes are addressed.

Proactive Threat Hunting and Forensics

  • Perform deep-dive investigations to uncover undetected threats using advanced search capabilities and forensic tools.
  • Analyse malware samples, logs, and network traffic to identify attack tactics, techniques, and procedures (TTPs).
  • Continuously enhance detection and response capabilities by developing new threat detection rules, scripts, and automation workflows.
  • Lead forensic investigations, leveraging tools like EnCase, FTK, or Autopsy to collect, analyse, and preserve digital evidence for internal or legal purposes.

Incident Response Management

  • Establish and refine incident response playbooks to streamline workflows and improve incident-handling effectiveness.
  • Collaborate with stakeholders across DevOps, ICT Operations, and Risk teams during live incidents to minimise impact and ensure swift resolution.
  • Conduct post-incident reviews to identify lessons learned, root causes, and opportunities for improvement.
  • Develop and implement automated incident response processes using SOAR platforms and AI-driven tools.

Threat Intelligence and Continuous Improvement

  • Integrate threat intelligence feeds into SOC workflows to enhance visibility and detection capabilities.
  • Conduct regular simulations of attack scenarios using techniques like red teaming, blue teaming, and purple teaming.
  • Use insights from threat hunting and incidents to continuously improve security controls, detection rules, and playbooks.

Optional: Knowledge of AI and Emerging Technologies

  • Implement ML models to enhance anomaly detection, behavioural profiling, and predictive risk analysis.
  • Use Generative AI (GenAI) for automated creation of incident response playbooks, phishing simulations, and threat report generation.
  • Deploy Agentic AI systems for autonomous threat detection, adaptive response execution, and dynamic risk prioritisation.

Additional Responsibilities

  • Ensure compliance with regulatory and organisational standards (e.g., GDPR, ISO 27001, SOC 2, NIST CSF).
  • Contribute to the creation of SOC metrics, dashboards, and monthly reports, providing insights into the security posture and operational maturity.
  • Maintain and document forensic evidence, incident logs, and detection methodologies in a secure and consistent manner.
  • Participate in regular security audits and assist in penetration testing efforts where necessary.

Qualifications and experience:

  • A degree in Cybersecurity, Computer Science, or related technical fields, or equivalent work experience
  • Level 2: Minimum 1–3 years’ experience in SOC operations, incident response, and threat detection
  • Level 3: Minimum 3–5 years’ experience, with proven expertise in advanced threat hunting, forensics, and managing critical incidents
  • Familiarity with compliance frameworks such as ISO 27001, SOC 2, PCI DSS or NIST CSF
  • Knowledge of DevOps / Repo, deployment pipelines, and approval processes for IaC (infrastructure as code)
  • Understanding of distributed architecture, service mesh, and AKS or Kubernetes
  • Experience in scripting or automation (e.g., Python, PowerShell) to improve detection and response capabilities

Optional but appreciated knowledge:

  • Strong knowledge of Machine Learning (ML) for cybersecurity use cases, such as anomaly detection and user behavioural analytics (UBA)
  • Familiarity with Generative AI (GenAI) tools for phishing simulations, report generation, and SOC task automation
  • Experience with Agentic AI systems for autonomous incident response workflows and adaptive defence
  • Hands-on experience with AI-powered SOC tools like Darktrace, Vectra AI, or SentinelOne

Certifications (preferred but not mandatory):

  • Level 2: CompTIA Security+, GIAC Certified Incident Handler (GCIH), or EC-Council Certified SOC Analyst (CSA)
  • Level 3: Certified Information Systems Security Professional (CISSP), GIAC Certified Forensic Analyst (GCFA), or Certified Cyber Threat Hunter (CCTH)

We are currently only considering applicants with an existing right to work in NZ, without the need for employer sponsorship, for this position.

About Vista

Vista is a world-leading company that makes software for the cinema industry. Started in Auckland, New Zealand, over 25 years ago, we now serve cinemas, film distributors, and moviegoers worldwide.

Our HQ is in the City Works Depot in Auckland. We have offices and subsidiary companies in Sydney, Los Angeles, London, Amsterdam, Cape Town, Shanghai, Mexico City, and Kuala Lumpur. We use the latest technologies and offer a fun, agile and collaborative environment. We continue to innovate and build our reputation as one of the best Kiwi tech companies to work for.

Shared Standards 

Our Shared Standards act as a compass for how we work together and reflect the behaviours we value at Vista Group. The way in which each member of our crew embodies these Shared Standards is an indicator for performance and success, as it aligns with our vision and strategy.   

One Crew 

  • We're a diverse team, in different places and functions, and we're at our best when we connect, help and collaborate  

Shine a Light 

  • We communicate openly, we explain the why, and we ask when we don't understand. We don't leave people in the dark 

Make it Happen 

  • We make good things happen as people and as teams through our focus on delivery 

Chase Great 

  • We challenge ourselves and each other to keep improving 

You will be supported to continually learn and improve your tech skills, share knowledge and ideas in the team, and be part of a dynamic and open culture.

We have a range of benefits that include:

  • Excellent work/life balance, including a 4 ½ day working week
  • Hybrid working (home and office based split, requiring regular weekly attendance in the Auckland office)
  • Medical and Life insurance
  • Extended sick leave, paid parental leave and wellness benefits
  • Strong mentoring & career development focus
  • Fun team events including the Vista Innovation cup and our Christmas party

If you enjoy a challenge and working in a dynamic and collaborative team, you’ll love working at Vista.

We value inclusivity, celebrate diversity, and are committed to offering equal opportunity to our staff and candidates, regardless of gender, age, race, ethnicity, marital status, disability, sex, sexual orientation, religious, ethical beliefs or political opinion. This commitment is reflected in all our employment policies and procedures.


Average salary estimate

$70000 / YEARLY (est.)
Min: $60000K, Max: $80000K

If an employer mentions a salary or salary range on their job, we display it as an "Employer Estimate". If a job has no salary data, Rise displays an estimate if available.

What You Should Know About SecOps Analyst, Vista Group

Are you ready to take your cybersecurity skills to the next level? Join Vista as a SecOps Analyst and play a critical role in our Security Operations Centre (SOC)! We're all about proactive threat hunting, thorough forensic investigations, and efficient incident response management. You'll have the chance to monitor real-time security events, conduct deep-dive investigations, and develop innovative automation workflows. Your expertise in machine learning and AI will be highly valued, allowing you to deepen detection and response capabilities. You will be at the forefront of identifying and managing threats, refining incident response playbooks, and collaborating with teams across our vibrant global network. At Vista, we believe in fostering a fun, agile, and collaborative work environment—you’ll never stop learning and improving here! Whether you're managing major incidents or enhancing our threat intelligence capabilities, your contributions will lead to significant advancements in our security posture. We offer excellent work-life balance, a unique hybrid working model, and plenty of opportunities for professional growth. If you're passionate about cybersecurity and thrive in dynamic settings, Vista is the perfect place for you to shine. Come and grow with us in this exciting position as a SecOps Analyst and help us secure the future of the cinema industry!

Frequently Asked Questions (FAQs) for SecOps Analyst Role at Vista Group
What qualifications do I need to be a SecOps Analyst at Vista?

To become a SecOps Analyst at Vista, you should have a degree in Cybersecurity, Computer Science, or related fields. For Level 2, a minimum of 1–3 years’ experience in SOC operations, incident response, and threat detection is required, while Level 3 candidates need 3–5 years of proven expertise. Familiarity with compliance frameworks such as ISO 27001 and strong scripting skills can give you an edge.

What does the day-to-day role of a SecOps Analyst at Vista involve?

As a SecOps Analyst at Vista, your day-to-day responsibilities will include monitoring security events in real-time, conducting threat hunting, performing forensic analysis on compromised systems, and managing the incident response lifecycle. You'll also develop new detection rules and enhance existing workflows through automation, all while collaborating with cross-functional teams.

How does Vista support the professional development of SecOps Analysts?

Vista is committed to your growth and development as a SecOps Analyst. With a strong mentoring focus, you’ll have access to training resources and opportunities to share knowledge within our dynamic team. We also encourage participation in innovative projects and regular skill enhancement through various tech-related events.

What technologies do SecOps Analysts at Vista work with?

At Vista, SecOps Analysts work with an array of advanced technologies such as SIEM platforms, EDR tools, and forensic analysis tools like EnCase and FTK. Additionally, you'll have the opportunity to implement machine learning models and work with AI-driven tools for threat detection and automated incident responses.

What is the work culture like for SecOps Analysts at Vista?

Vista prides itself on a fun, agile, and collaborative work culture. As a SecOps Analyst, you will be surrounded by supportive teams who value inclusivity and diversity. We believe in open communication, celebrating successes, and continuously striving for improvement, making it an excellent environment to grow and succeed.

Common Interview Questions for SecOps Analyst
Can you describe your experience with incident response management as a SecOps Analyst?

In your response, highlight specific instances where you managed incidents from detection to resolution. Discuss the tools you leveraged, such as SIEM platforms and incident response playbooks, and the outcomes of those incidents, showcasing your hands-on experience and ability to work under pressure.

How do you approach threat hunting in your previous roles?

Talk about your methodology for proactive threat hunting. Share examples of how you identified indicators of compromise (IOCs) and what tools you used. This will demonstrate your analytical skills and your proactive approach to identifying threats before they escalate.

What experience do you have with forensic analysis?

Describe the forensic tools you're familiar with, such as EnCase or FTK, and detail the types of incidents you've investigated. Highlight your ability to analyze compromised systems and draw conclusions based on evidence, emphasizing your critical thinking and technical skills.

How do you ensure compliance with security frameworks in your operations?

Explain your understanding of compliance frameworks like ISO 27001 and SOC 2. Discuss how you’ve applied those standards in your previous roles to maintain security protocols and ensure that your incident response strategies are compliant.

Can you provide an example of a major incident you led the response for?

Share a specific incident where you took the lead on response efforts. Discuss how you triaged the incident, coordinated with other teams, and what the final outcomes were. This will showcase your leadership and collaborative skills.

What role do you see AI and machine learning playing in cybersecurity?

Discuss the potential of AI and machine learning in enhancing threat detection and response capabilities. Provide examples of how these technologies can automate processes and improve efficiency in real-time incident management.

How do you stay updated on the latest cybersecurity trends and threats?

Emphasize the importance of continual learning in cybersecurity by mentioning sources such as industry blogs, webinars, and certifications you pursue. Highlight your proactive approach to keeping your knowledge base current to better protect your organization.

Describe your experience working with cross-functional teams during incidents.

Provide examples of how you've collaborated with different teams, such as DevOps or ICT Operations, during security incidents. Share how you communicated effectively to minimize impact and ensure efficient resolution, emphasizing your teamwork and communication skills.

What tools do you use to monitor security events and how do they inform your response strategies?

Mention the specific tools you have experience with, such as SIEM systems and EDR solutions. Discuss how you utilize these tools to assess security events, analyze logs, and drive your incident response strategies. This demonstrates your practical knowledge and technical expertise.

What improvements would you suggest for our current security operations based on your experience?

This is your chance to showcase your knowledge and insights. Discuss potential opportunities for enhancing detection capabilities, incident response workflows, or compliance measures based on trends you've observed in the industry. Show that you’re proactive and engaged with evolving security challenges.

Employment type: Full-time, hybrid
Date posted: December 24, 2024
