IT Risk and Compliance Analyst - Datam

IT Risk and Compliance AnalystNewly created role. Shape how Datam approaches IT risk, compliance, and assurance from the ground up.Make your mark in a trusted organisation backed by NZ Post, based in Auckland (Highbrook, East Tamaki) or Wellington (CBD).Lead ISO 27001 compliance and security governance while partnering closely with the Datam and NZ Post Cyber Security.Mō Te Datam - About DatamAt Datam, you'll get the best of both worlds – the backing of NZ Post and the freedom of a nimble, independent business. For over 35 years, we've helped organisations, including government agencies, deliver secure, effective communications to the right people at the right time. Our whānau-like culture, focus on collaboration, and commitment to doing what's right for our customers make Datam a place where people stay and thrive. JKōrero Mō Te Tūranga – About The RoleThis role is all about risk, compliance, governance and audit leadership, it's not a technical cyber operations role.As our IT Risk and Compliance Analyst, you'll own and drive Datam's risk management, compliance, and assurance activities, ensuring ongoing alignment to ISO 27001:2022, NZISM, and the Privacy Act. You'll work closely with internal teams and the NZ Post Cyber Security Team, using their technical capability while you focus on audit coordination, governance, and continuous improvement of our control environment.You'll be the key ISMS representative for Datam, planning and managing audits (held every three years), maintaining audit readiness in between cycles, ensuring evidence is collected and organised and managing non-conformities, and corrective actions. You'll also support broader risk activities including supplier assurance, risk assessment and reporting to senior leaders. This role is all about visibility, influence, and continuous improvement, ensuring our security framework stays robust, compliant, and future-ready.You'll Achieve That ByPlanning and coordinating ISO 27001 audits and maintain year round audit readinessLeading compliance evidence collection, non-conformities management and correct action trackingConducting risk assessments and maintaining Datam's security risk registerCollaborating with teams to strengthen technical and procedural controlsDelivering security governance, metrics, and reporting to senior leadersSupporting supplier due diligence and promote security awareness across DatamMōu - About YouYou're a risk, compliance, and audit specialist with a solid grounding in ISO 27001 and assurance processes. You thrive in structured environments, enjoy bringing order and clarity to complex requirements, and understand how to keep an organisation audit-ready at all times. You don't need to be a hands-on technical cyber expert as you'll have NZ Post's cyber team alongside you, but you do need to confidently lead governance, evidence, and audit activities.You'll Couple That With5+ years' experience in ISO 27001 audit coordination and risk managementStrong understanding of security frameworks (ISO 27001, NZISM, NIST CSF)Proven experience managing audit evidence, risk registers, and mitigation plansThe ability to communicate complex security topics in plain English to varied audiencesRelevant qualifications in Information Security, Risk, or Computer ScienceCertifications such as ISO 27001 Auditor/Implementer, CISM, CISA, or CISSP (preferred)He Aha Te Pai - What you'll love about us! BenefitsWe're passionate about our commitment to deliver the best for Aotearoa - to help businesses thrive, and to deliver what Kiwis care about. Our permanent employees enjoy a variety of benefits including:Access to discounted health insurance plans for you and your familySpecial rates on fantastic holiday home accommodation around New ZealandRetail shopping discounts with our partnersAn Employee Assistance programme to support you when you need itPlus more!!Hiahia? - Interested? Come and join the whanau!Ready to be part of something bigger? If so, then apply today or find out more details about this opportunity by downloading the JD on the NZ Post Careers page. If you require additional information, please contact Michele Christie (Talent Business Partner) on 022 087 5195Applications for this position close on 30 November 2025Due to the fast-paced nature of NZ Post, our vacancy close dates may be subject to change, so don't delay and make sure you apply as soon as possible.  All successful applicants will be required to provide proof of their eligibility to work in New Zealand and will be subject to a security check and reference checks. Some of our roles may also require a credit check and/or a drug test. If you're interested in a role, please apply directly through our online portal. No one knows what we do and how we do it better than us, and our in-house talent team are experts at finding the right people for the right roles. We won't consider candidates through agencies unless this has been previously approved. There's something really special about being part of the team here at NZ Post - Tukurau Aotearoa, who we are and what we stand for is grounded in our values.