Information Security Controls Specialist (Fixed Term Contract)
Auckland, NZ
14h ago

Te Kaiurungi About the Role

  • Working with the relevant stakeholders within BNZ to determine enhancements to ensure our Controls Framework and Effective Controls Testing frameworks remain fit for purpose
  • Engaging with the NAB Group to leverage their policies, processes, procedures and guidance
  • Leading the design and delivery of agreed policy, processes, procedures and operating model changes to further strengthen compliance with CPS234 and other Information Security frameworks
  • Utilising your information security domain knowledge, pragmatism and enterprise experience to formulate appropriate responses to business requirements to incorporate CPS234 IS regulation requirements and industry best practice, while being mindful of balancing sustainability of solutions and business operating constraints
  • Translating CPS234 IS regulatory requirements into pragmatic and business fit for purpose capabilities for sustainable compliance outcomes
  • Leading and / or working alongside other business analysts to envision, design and develop enhancements to other key CPS234 related processes, procedures and guidance
  • Providing guidance to ICS team members and colleagues on security policy, delivery of controls and communication of risks
  • Ō Pūkenga About You

    To be successful you will have strong people skills with an ability to influence and foster collaboration, excellent skills in the application of enterprise risk frameworks, risk management tools and frameworks and exceptional written and verbal communication skills.

    You will also be bringing :

  • A highly developed understanding of control frameworks and methodologies (experience of IS frameworks such as NIST and CIS are preferred)
  • Experience delivering IS requirements, preferably in the area of Info Sec, within an enterprise (e.g. NIST CSF, ISO / IEC 27002, PCI-DSS, NZ ISM and PSR)
  • Experience performed IS controls testing and / or risk assessments
  • Strong skills in the application of enterprise risk frameworks and risk management tools
  • Excellent people skills with an ability to influence and foster collaboration
  • Possess sound judgment, flexibility and nimbleness in changing courses and solving problems swiftly
  • Experience of delivery of privacy requirements within an enterprise (e.g. NZ Privacy Act, EU-GDPR or equivalent)
  • Ability to demonstrate experience in privacy or data protection obligations management
  • Report this job

    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form