The Company
Our client is a well-established New Zealand technology organisation operating in a highly regulated environment. The business delivers mission-critical platforms and services to a diverse client base and has a long-standing commitment to security, quality and operational maturity. With continued growth and increasing customer expectations around assurance and risk management, the organisation is investing further in its information security and governance capability.

The Role
We are seeking an experienced Information Security & Risk Manager to take ownership of the organisation’s ISO/IEC 27001 Information Security Management System (ISMS). Reporting into senior technology leadership, this role is responsible for maintaining certification, leading audits, and ensuring the organisation’s security posture continues to evolve in line with business and regulatory expectations. 

This role is focused on security governance, risk management, and ISO 27001 oversight rather than hands-on technical implementation. You will work closely with engineering, product, leadership, and external auditors to define requirements, scope controls, and track remediation, rather than implementing technical solutions directly.

What You’ll Be Doing

• Owning and maintaining the ISO/IEC 27001 ISMS, ensuring ongoing certification
• Leading surveillance and recertification audits, including auditor engagement and remediation tracking
• Maintaining security policies, standards, risk registers, and supporting evidence in an audit-ready state
• Translating ISO requirements into practical, business-aligned controls for technical teams
• Providing security and risk input into product development, vendor assessments, and customer due diligence
• Supporting security incident response activities, including investigation and post-incident improvement actions

Skills and Experience We’re Looking For

• Strong experience in information security, risk, and compliance-focused roles
• Hands-on experience owning and maintaining an ISO/IEC 27001-certified ISMS
• Proven background managing audits, audit findings, and remediation programmes
• Experience operating in SaaS or technology-led professional services environments
• Strong documentation skills, with experience producing and maintaining policies and procedures
• Ability to work collaboratively with technical teams, senior leaders, and external auditors

This role is based in Christchurch and requires regular on-site presence. Applications are open to candidates currently located in New Zealand and able to work from Christchurch. If this role aligns with your experience and you’re based in Christchurch, please apply now.