Posted 16 July, 2026
Risk & Controls Analyst at Centrapay
Centrapay
Christchurch, CAN, NZ
Full Time
Reference: e6345022c6fbecec
Job Description
Overview Risk & Controls Analyst at Centrapay – Christchurch, New Zealand. Full‑time, on‑site role focused on designing and improving risk controls across the business. Responsibilities Controls & Assurance Support continued development of Centrapay / Payap’s control framework. Design and test controls to close risk gaps. Build practical assurance approaches for a fast‑moving fintech. Lead control remediation and periodic testing cycles. Maintain evidence and documentation for compliance activities. Reporting & Data Prepare risk, controls and compliance reporting. Investigate anomalies, trends and gaps in data. Support regulatory and governance reporting requirements. Drive automation across assurance and measurement. Compliance & Accreditation Support audits, accreditations and compliance programmes. Coordinate evidence collection across teams. Maintain compliance registers, databases and records. Infosec & Third‑Party Risk Support security risk assessments for systems and vendors. Track vulnerability management and remediation. Facilitate risk workshops and maintain risk records. What Success Looks Like Established a repeatable controls testing approach the business actually use. Improved the quality and efficiency of risk and compliance reporting. Increased automation across assurance and testing activities. Built trusted relationships across engineering, product and operations. Become a go‑to source of insight for the Risk function and leadership. Requirements 5+ years in risk management, information security, or technology risk. Experience in financial services or a regulated fintech environment. Ability to work across technical and non‑technical teams, translating technical concepts. Strong analytical and problem‑solving skills. Ability to spot patterns and inconsistencies in data. Process improvement mindset. Excellent communication skills. Payments experience is not required — we’ll help you learn. Nice to have: Experience with ISO27001, NISTCSF or similar risk frameworks. Exposure to GRC or ISMS platforms. Familiarity with PCIDSS, CPS234 or open banking/CDR compliance environments. Relevant degree or certification in risk, audit, information security or a related field (e.g. CISA, CRISC). Benefits Competitive compensation and growth opportunities. Flexible working. MacBookPro and generous annual leave. Health and life insurance from Southern Cross. In‑person and online social activities. Parental leave entitlements. #J-18808-Ljbffr