ONE NZ
Cyber Risk & Compliance Analyst - Third Party
- Posted 1d ago
- On Site
- Full Time
Location
Auckland
Job Description
Ko mātou tēnei – our organisation
At One New Zealand, our purpose is to unlock the magic of technology to create an awesome Aotearoa. We're focusing on investing more into simpler and better products and services, to make things even better for New Zealanders.
We are delighted to announce that we have been awarded a #2 ranking in Randstad’s Most Attractive Employers in New Zealand within the IT and telecommunications sectors as well as being nominated as finalists for the 2023 Retail Employer of the Year Award.
We are also proudly Rainbow Tick certified and champion diversity of thought, perspective and background. We offer a friendly and open environment with leading flexible working practices that help people maintain a personal and professional balance that works for them and their whānau.
Uia mai koe te pātai, he aha te mea nui o tēnei ao? Māku koe e ki atu he tangata, he tangata, he tangata.
“If you asked me, what is the greatest thing in this world, I would say it is people, it is people, it is people.”
Ko tō tūranga – your role
The Cyber Risk & Compliance Analyst – Third Party is responsible for identifying, assessing, and mitigating cybersecurity risks while ensuring compliance with regulatory requirements, industry standards, and internal security policies.
Ko tō mahi – what you’ll do
- Support the organization’s third-party cybersecurity risk management framework, which includes conducting and reviewing vendor security risk assessments (new and ongoing).
- Manage escalations of high and very high risks as required, liaising with the business in the risk acceptance process as per the Cyber Risk Management Framework, and implementation of vendor mitigations.
- Work with vendors & One NZ business owners to reduce cyber risk.
- Implement efficient processes for continuous security monitoring of vendors to proactively ensure vendors' security posture does not degrade during the lifetime of the contract.
- Ensure third-party vendors are compliant with relevant regulatory and compliance requirements (e.g., ISO 27001, NIST, PCI-DSS, SOC 2, etc.).
- Assist in the review of vendor contracts in line with One NZ Security Policies.
- Assist in the review of the Supplier Information Security Policy and any related Security standards.
- Provide guidance & training for business units to support the third party risk management program.
- Work with Procurement to ensure third-party risk management is effective throughout the lifecycle of the contract.
- Champion and execute updates to existing reporting and 3rd party risk technology framework to reduce risk and enhance efficiency.
- Support regulatory, internal & external audits/reviews where cyber security inputs are required.
- Assist in conducting cyber controls assurance testing to assess adherence to the One NZ cybersecurity policies, utilising the One NZ cyber security framework.
Na tōu rourou - what you’ll bring
- Embed a customer-obsessed culture within the team through relentless customer focus
- 3-5+ years industry experience in information security
- Relevant tertiary qualification
- Knowledge of cyber security principles and frameworks (e.g. NIST, ISO27001, PCI DSS)
- Excellent communication and stakeholder management abilities
- Professional qualifications or training such as CISM desired.
Nā mātou te rourou – what you’ll get
- One New Zealand is leading the way by ensuring you can have a truly balanced life. Most roles allow flexibility to work from home and flex your hours to enjoy work & family commitments.
- A fully subsidised Southern Cross health insurance cover for you and your family.
- KiwiSaver employer contribution
- Laptop, unlimited data plan, market-leading cell phone for business or personal use.
- Lifestyle leave where you can purchase an extra week or two of annual leave.
- Discounts on One New Zealand products, services and much more!
Hard Skills Required
- Compliance Management
- Risk Assessment
- Stakeholder Engagement
- Regulatory Knowledge
- Data Analysis
Soft Skills Required
- Communication
- Attention to Detail
- Problem-Solving
- Collaboration
- Adaptability
Benefits and Perks
- ☮ Lifestyle Leave
- 🤱 Extended Parental Leave: Primary carers get 22 weeks of salary top-ups plus 26 days of paid leave upon return, with secondary carers receiving a matching 26 days allowance.
- 🧕 Inclusive Workspace
- 🩺 Health Insurance: Enjoy fully subsidised Southern Cross health insurance for you and your immediate whānau, life and terminal illness cover, and free flu shots.
- ⚖ Work-Life Balance Support
- 💼 Life Insurance
- 💚 Counselling Services
- 🏥 Subsidised Health Insurance
- 📈 Professional Development
- 🏎 Competitive Salary
- 🎉 Employee Discounts and Rewards
- 📣 Referral Bonuses
- 🚚 Relocation Support
- 💻 Company Supplied Technology: Get the latest smartphones with a market-leading plan and laptop SIM card, so you can stay connected and productive anywhere.
- 🖥 Computer Assistance
- 📱 Discounted Phone or Internet Plans
- ⏰ Flexible Work: Flexible working and work from anywhere (most roles). Work from home, flex your hours, and even work up to 20 days offshore in certain countries around the world for the perfect work-life balance.
- Work Cafe
- Gender Transition Support
Job Schedule
- Shift Work