IT & Security Engineer
Wellington, New Zealand
A bit about us
Arlo is an award-winning global business with our HQ in Wellington, New Zealand, and offices in the UK and Canada.
This role is primarily based in our brand new water-front office in Petone, Wellington – coffee with ocean views is incomparable – with flexibility to choose where you work from 2 days a week.
We believe that human interaction is still at the heart of effective learning. Blending that philosophy with the latest e-learning tech, Arlo is fast becoming the preferred solution of choice for commercial training providers globally.
Arlo has been developed as the definitive tool to run a training operation, helping our clients save time, grow sales and transform how their training is delivered. With customers in over 70 countries and processing over $1B since conception, Arlo is the realization of that vision.
While our customers are as critical to our success as we are to theirs, our people are the heart and soul of Arlo. We aren’t just a group of people who work together. We connect and care about each other. We have fun and we work through the challenges together. We are committed to providing an excellent working environment supporting a balance between work, family, and personal life while driving productivity and connection.
What you’ll do
As the IT & Security Engineer, you are responsible for Arlo’s Corporate IT (“IT”) services, such as e-mail, collaboration tools, and end-user devices. You ensure they are fit for Arlo’s needs, follow good security practices, and are protected against ever-changing threats.
You are responsible for all aspects of corporate IT including selecting and operating solutions, protecting data, and ensuring technical controls are effective. You will lead by doing, as well as work with our external IT partner for Level 1 support.
You will be responsible for
- Be the technical owner of all IT local and public cloud platforms (e.g. Microsoft 365, Google Workspace, Zoom, Slack, Zendesk, WordPress, etc.) as a top-level architect/administrator.
- Lead IT operations, ensuring a good service for all and handling operational or security incident management and response.
- Work with the CISO and CTO on the direction and delivery of the information security strategy and IT strategy.
- Evaluate proposed third-party solutions to see if they would fit Arlo’s IT environment (integration, security, supportability, etc.) and meet our requirements (policies, privacy, security…).
- Work with vendors to efficiently resolve incidents and see the case end-to-end.
- Assess and maintain compliance of Arlo’s Corporate IT with the relevant policies and frameworks (Internal policies, NZ Privacy Act, ISO 27001…) and assist with audits when necessary.
- Monitor changing threats to Arlo, perform vulnerability assessments, risk management, and identify needs to adapt our defenses accordingly.
- Maintain and run Arlo’s information security compliance tasks, including internal and external penetration tests, maintaining security checklists, and system audits.
- Participate in on-call to provide general IT support to the global team as needed.
- Securely manage keys, secrets, and certificates (SSL, etc.).
What you’ll bring
- At least 3 years of IT experience, with a security component to it.
- Microsoft 365, with AWS and Google Workspace a plus.
- Managing end-user devices configuration and security (MDM, EDR…).
- Networking services such as routers, firewall, DNS, DHCP, VPN, including hands-on troubleshooting experience.
- Ability to support end users when they face a problem.
- Scripting and cross-platform integrations, cloud APIs, service/web hooks.
- Good understanding of the security good practices, such as Cert NZ’s Critical Controls, and security frameworks (such as frameworks such as NIST CSF, CIS Controls) and how to implement them.
- Good knowledge of core concepts such as (but not limited to) identity and access management, logging and monitoring, infrastructure/cloud security, vulnerability management, infrastructure as code, security by design, secure coding practices, zero-trust principles, data loss prevention, etc.
- Strong communication and interpersonal skills with the ability to effectively listen and communicate information in a clear and concise manner.
- Comfort in a startup environment where you need to move quickly and wear many hats.
- Results-driven mentality, self-motivated, enthusiastic and with a “can do” attitude.
Nice to have (but not essential)
- One or more security related professional certifications (eg. CompTIA Security+).
- Experience implementing controls against various frameworks such as NIST CSF, CIS and ISO/IEC 27001
- Hands-on knowledge of Microsoft Sentinel, Datadog, Azure Application Insights, PagerDuty
- Hands on experience with Microsoft Intune, Microsoft Defender for Endpoint and for Cloud.
Please apply now with your CV and a cover letter letting us know a bit about you and what you would bring to the role. We are reviewing applications as we go, so apply today.