Here at BNZ, it's about more than just banking. We work together in an agile, energising environment to create innovative solutions though our promise "If you can imagine a better future, let's find a way."
We support wellbeing, flexible working and have a generous leave offering. No two days are the same.
Our Sustainable Compliance team is seeking a Security Assurance Specialist to join the team. This is a position in the project team to drive controls uplift to protect our information assets and demonstrate ongoing compliance with APRA CPS 234 regulatory requirements. You will have the to collaborate with stakeholders across Cyber & Governance, OneRisk, Technology Service Owners and NAB peers to embed cyber controls culture. This is a fixed term opportunity through until July 2025.
Mō te Tūranga | About the Role
We sat down with our Head of Divisional Security, and they let us know the following about the role.
What are 5 day to day tasks the person in this role will complete?
- Work within the APRA CPS 234 team, alongside cyber, risk and control SMEs
- Provide IS controls subject matter expertise to drive compliance outcomes across Technology application owners
- Monitor and report on application control effectiveness
- Working with Risk and central control owners to review and enhance existing NIST-800-53 controls in our Governance Risk and Compliance tool (GRACE) as we drive for maturity
- Engage NAB cyber peers to leverage their policy, process, procedures and guidance.
What projects / work will the candidate be working on now and into the next year?
- Manage continued demonstration of compliance with APRA CPS 234.
- Drive RBNZ Cyber Resilience obligations of annual survey and incident data collection.
- Cyber risk scenario quantification analysis and management.
- Manage self-assessment of NIST Cyber Security Framework maturity.
What is the most exciting thing about this opportunity?
This is an opportunity to collaborate across BNZ Technology to sustain and uplift cyber risk management practices.
What do we want you to know before you apply?
We have strong executive support for cyber security, demonstrated by year-on-year funding.
What is your favourite thing about working for BNZ?
There is a very clear linkage between cyber mission, capabilities and business strategy.
What specific tech skills are required to be successful?
- A highly developed understanding of control frameworks and methodologies (such as NIST 800-53 and CIS)
- Experience delivering IS requirements, preferably in the area of Info Sec, within an enterprise (e.g. NIST Cyber Security Framework , ISO/IEC 27002, PCI-DSS, NZ ISM and PSR),
- Performed IS controls testing or risk assessments
What attributes will this person display in order to be successful in this role?
We are looking for strong communication and people skills with an ability to influence and foster collaboration. Alongside this you’ll have sound judgment, flexibility and nimbleness in changing courses and solving problems swiftly.
Nau Mai ki te Pēke o Aotearoa | Come to the Bank of New Zealand
This is an exciting opportunity to join us! We're bold thinkers who are taking brave steps to create a company that people want to work for, and customers want to bank with. If you're ready to join a fun organisation where we are proud of our culture and how we are helping New Zealander's to 'Find their way', then show your interest by submitting your application - we can't wait to read it.
Ehara taku toa i te toa takitahi, engari he toa takitini" - Success is not the work of an individual, but the work of many.”
