Security Engineer

Worker Type:

Here at BNZ, it's about more than just banking. We work together in an agile, energising environment to create innovative solutions through our promise "If you can imagine a better future, let's find a way."

We support wellbeing, flexible working and have a generous leave offering. There is the opportunity for growth, learning and career development. No two days are the same.

Centrapay is an entity of the BNZ Group.

At Centrapay, we're revolutionising how you spend money both in-store and online. We allow businesses to create digital assets and loyalty programmes so that you can spend and be rewarded anywhere. Some of our partners include Coca-Cola, BNZ, and Farmlands, and we process payments in New Zealand and Australia.

Our payments platform is the heartbeat of what we do. On top of this, we're building our hero app, Payap, that brings all of our best capabilities to life.

We are seeking an intermediate-level Security Engineer to support our growing Information Security program. You'll be hands-on doing development work within our infrastructure space, with a focus on attaining and maintaining compliance with global security and risk frameworks such as ISO 27001, SOC 2, and NIST SP Your role will help ensure our systems, policies, and practices meet both regulatory and customer expectations.

This role is ideal for someone with 3+ years of experience in compliance or risk who is ready to take more ownership of controls, audits, and risk processes in a fast-paced payments environment.

What You'll Do

Engineering & Development

• Design, build, and maintain secure infrastructure and internal systems (CI/CD pipelines, cloud infrastructure, APIs, etc.).
• Implement and maintain security tools (e.g. SIEM, IDS/IPS, vulnerability scanners).
• Work closely with DevOps and Engineering teams to integrate security into SDLC (DevSecOps approach).
• Conduct peer code and architecture reviews with a focus on security best practices.
• Participate in an on-call support rota, with specific timeframes determined by business priorities and the discretion of senior leadership.

Compliance & Governance 

• Lead and support efforts to attain and maintain security certifications such as ISO 27001, SOC 2, and NIST SP 800-53 compliance.
• Perform internal risk assessments, control testing, and vendor security reviews.
• Maintain policies, procedures, and documentation aligned to security frameworks.
• Coordinate with external auditors, consultants, and internal stakeholders for audits and gap remediation.
• Collaborate with HR and Training to support security awareness programs.
• Keep up to date with relevant regulations and compliance trends (e.g., NIST updates, NZ Privacy Act).

Requirements

Who we're looking for

• 3–5 years of experience in a software development, DevSecOps, or Systems Engineer role.
• 2-3 years of experience in security compliance, risk management, or IT audit.
• Hands-on experience with cloud infrastructure (preferably AWS or Azure).
• Familiarity with Infrastructure-as-Code (Terraform, CloudFormation, etc.).
• Understanding of security architecture and secure coding practices.
• Knowledge of ISO 27001, SOC 2, and/or NIST SP frameworks.
• Experience with compliance documentation and audits.

Nice-to-have

• Relevant security certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer, AWS Security Specialty).
• Experience in the payments or fintech space.
• Familiarity with container orchestration (e.g., Kubernetes).
• Experience with CI/CD and automated compliance tooling.

Why Join Us?

• Be part of a fast-growing fintech shaping the future of payments
• Work with a team that values innovation, collaboration and ambition
• Competitive compensation, growth opportunities, and a chance to make a real impact

Your Key Benefits

There are great benefits to working at the BNZ group such as 6 weeks annual leave, discounts on banking products, health & life insurance etc.

This is an exciting opportunity to join us  We're bold thinkers who are taking brave steps to create a company that people want to work for, and customers want to bank with. If you're ready to join a fun organisation where we are proud of our culture and how we are helping New Zealander's to 'Find their way', then show your interest by submitting your application - we can't wait to read it. 

Ehara taku toa i te toa takitahi, engari he toa takitini" - Success is not the work of an individual, but the work of many."

Applications will be reviewed regularly across the advertising period, but we do reserve the right to close applications early.