Senior Security Specialist

Worker Type:

Here at BNZ, it's about more than just banking. We work together in an agile, energising environment to create innovative solutions through our promise "If you can imagine a better future, let's find a way."

We support wellbeing, flexible working and have a generous leave offering. There is the opportunity for growth, learning and career development. No two days are the same.

Are you ready to champion the right thing and protect what truly matters? We’re looking for a Senior Security Specialist with deep expertise in Data Loss Prevention (DLP) to help shape and operate the future of enterprise data protection at BNZ. As a Subject Matter Expert in DLP, you’ll join a high-performing, supportive team committed to preventing the leakage of sensitive, private, and highly confidential information. You’ll play a pivotal role in both strategy and operations, helping us secure structured and unstructured data across a wide range of services, including:

• Endpoints (USB, laptops)
• Emails
• Web access (internal and external)
• Cloud services, CASB, APIs
• Structured data channels

You'll actively contribute to BNZ’s target state architecture for data protection, bringing simplification, automation, and innovation through engineering-led practices such as policy-as-code, peer reviews, and DevSecOps integration. Join us in our mission to safeguard BNZ’s data. If you're someone who enjoys solving meaningful challenges, mentoring others, learning continuously, and having a laugh along the way, we'd love to hear from you.

This role can be based in Auckland or Wellington. It is a hybrid role with two days where you can work flexibly.

Mō te Tūranga | About the Role

We sat down with the People Leader (who you'd report to), and he let us know the following about the role:

What are 5 day to day tasks the person in this role will complete?

• Assist the team in review and triage data protection alerts and support tickets, assisting in prioritisation and resolution while mentoring junior team members in best practices and effective analysis.
• Tune and refine policies across Data Loss Prevention tools, helping reduce false positives and improve quality through regular peer reviews and hands-on configuration.
• Share insights and lessons learned from internal incidents and industry trends to continuously improve how we operate, bringing ideas for simplification, smarter alerting, and more effective policy design.
• Contribute to automation and engineering-led improvements by applying practices such as policy-as-code, version control, and metrics-based evaluations of DLP effectiveness and operational efficiency.
• Collaborate closely with cross-functional teams to align with governance requirements, support compliance checks, and ensure data protection goals are clearly communicated and embedded in daily work.

What is the team culture and environment like?

We have a team culture which is fun, collaborative and supportive, enabling career growth and a sense of ownership.  

What is your management style?

I trust and empower the team to make decisions based on metrics and team consensus. I strive to provide a fun and happy work environment where every member of the team has clear objectives, regular feedback and opportunities for growth – thus providing a safe environment for innovation and problem-solving. Recognising achievements, offering mentorship and ensuring a healthy work-life balance scores highly on my priority list

What is the most exciting thing about this opportunity?

The opportunity to shape and safeguard the bank’s security landscape, leveraging cutting edge technologies, while tackling complex challenges and driving impactful solutions that protect critical data and enable business innovation. 

What technical skills are REQUIRED for this role?

• Proficiency in the use of Data Loss Prevention (DLP) tools like (but not limited to) Microsoft Purview, Zscaler, Crowdstrike

• Data Loss Prevention tooling, regex and data loss policy configuration.  

• Cyber security knowledge including risk and controls.  

• Familiarity with data lineage and governance tools  

• Familiarity with git-based source control, automated testing tools and delivery pipelines

What attributes will this person display in order to be successful in this role?

We are looking for someone who has a problem-solving mindset, able to anticipate risks, address challenges creatively and implement forward-looking security solutions. While staying updated on evolving cybersecurity trends, we expect the successful candidate to be effective in communication with stakeholders, mentoring team members and fostering partnerships across diverse teams 

PLEASE NOTE: Applications close at 11:59pm, 3rd August 2025. We review applications as they are received and may close advertising early.

Nau Mai ki te Pēke o Aotearoa | Come to the Bank of New Zealand

This is an exciting opportunity to join us!  We're bold thinkers who are taking brave steps to create a company that people want to work for, and customers want to bank with. If you're ready to join a fun organisation where we are proud of our culture and how we are helping New Zealander's to 'Find their way', then show your interest by submitting your application - we can't wait to read it. 

Ehara taku toa i te toa takitahi, engari he toa takitini" - Success is not the work of an individual, but the work of many.”