IT Compliance and Governance Advisor – Information Technology

IT Compliance and Governance Advisor – Information Technology
Permanent, Full-time
Christchurch, Wellington, or Auckland

Who we are | Ko wai mātou:
Awanui Group, New Zealand's largest human and veterinary pathology network, with 25 laboratories, 150 collection centres, and over 2,200 dedicated employees across New Zealand, we are committed to delivering world-class service, collecting, analysing, and reporting over 7 million patient results annually.

About the role | Mō te tūranga:
We are looking for an IT Compliance and Governance Advisor to join our IT team and play a key role in strengthening Awanui’s technology landscape. Reporting to the IT Security Manager, this newly created position offers the opportunity to shape how we operate, ensuring our systems, processes, and people meet the highest standards of governance, risk management, and compliance.

You will lead the development and enhancement of Standard Operating Procedures, policies, and guidelines, while working closely with teams across the business to embed best practice and ensure alignment with local and international standards. You will also take ownership of auditing and improving our digital ecosystem, including IT assets, projects, performance measurement, reporting, and continuous improvement initiatives, helping to drive smarter decision making and support the growth of our technology capabilities.

This is a permanent, full-time position working 80 hours per fortnight and can be based in Christchurch, Wellington or Auckland

Key Responsibilities:

IT Governance and SOPs: Support the IT Security Manager in developing, implementing, and maintaining IT and security Standard Operating Procedures across Awanui systems, ensuring compliance and clear communication.

Risk Assessment and Control: Conduct security risk assessments for new and existing systems, recommending and implementing appropriate controls.

Regulatory and Knowledge Management: Maintain the security knowledge base and stay up to date with relevant legislation, including the Privacy Act and Ministry of Health requirements.

Incident and Risk Management: Plan and support responses to cybersecurity incidents while proactively identifying and managing security risks.

Security Advisory and Vendor Support: Provide guidance on security strategies, technology implementations, and vendor assessments to minimise risks across the organisation.

Standards and Compliance Testing: Ensure all security measures comply with industry standards through regular audits and testing of backup, restore, and data destruction processes.

Key Results

Implementation and adherence of IT and security SOPs across all systems.

Reduction in security risks and successful mitigation of identified vulnerabilities.

Timely response and resolution of cybersecurity incidents.

Compliance with relevant legislation and internal policies, including audit success rates.

Effective guidance and support provided to internal teams and vendors on security initiatives.

Ongoing improvement of IT governance, backup, restore, and data destruction processes.

About you | He kōrero mōu
To be successful in this role you need to have:
You’ll be a proactive and results-driven IT professional who thrives on building strong relationships across teams and ensuring robust governance and security practices. You’ll bring a practical, consultative approach to managing risk, enhancing compliance, and driving continuous improvement.

Relevant tertiary qualification or equivalent experience, with a commitment to ongoing professional development.

Experience in IT security, governance, and compliance, with relevant certifications (e.g., CISA, CRISC).

Solid understanding of IT security frameworks (ISO 27000, NIST CIS, HISF 10029:2015), IT General Controls, audit, and risk management.

Knowledge of the Privacy Act 2021 and other relevant legislation, with the ability to apply this to support organisational compliance.

Proven ability to develop and implement IT security policies, SOPs, and controls to manage risks and improve organisational processes.

Strong collaboration and communication skills, with the ability to influence and build effective relationships across internal teams and external stakeholders.

Project management experience, with the ability to deliver initiatives that strengthen IT security, compliance, and operational efficiency.

High emotional intelligence, professionalism, and visibility, with enthusiasm and motivation to lead positive change.

Eligibility to work in New Zealand.

What’s in it for you | He aha mōu:
Joining Awanui Group means becoming part of a supportive and inclusive work environment that values the growth, work-life balance, and personal well-being of its employees. As part of our close-knit team, you will have the opportunity to showcase your initiative, collaboration, and resilience.

Our mission is to provide accurate medical expertise to every person, every day, and you can be a part of this meaningful endeavour. Explore excellent opportunities to enhance your skills with our in-house Learning & Development team, ensuring your professional competency and career growth.

Our three core values guide us in creating an inclusive and respected workplace where everyone can thrive and make a meaningful difference:

Manaakitanga - We Care for each other and the people we serve.

Whakapakari - We Improve and adapt to create opportunities for success.

Hiranga - We Deliver the highest quality medical and scientific expertise.

Don't miss this opportunity to contribute to a leading healthcare organisation!

Apply now with your CV and a cover letter.

Application closes 6 April 2026