Cybersecurity Risk and Compliance Specialist
Job description
We’re looking for a Cybersecurity Risk and Compliance Specialist to safeguard Toyota New Zealand’s technology ecosystem. Reporting to the CIO, you will lead the uplift of cybersecurity governance, risk, and compliance across our digital landscape, from infrastructure and data to PMO and architecture, ensuring alignment with both local regulatory frameworks and Toyota’s global security standards.
This role is ideal for someone who thrives at the intersection of strategy, compliance, and hands-on delivery. You will drive risk transparency, lead audits, and partner with senior stakeholders to embed security into every layer of technology and business decision-making.
Key Responsibilities
- Establish, maintain, and evolve TNZ’s Cybersecurity Risk Management Framework.
- Drive compliance with ISO 27001, NIST CSF, NZISM, CIS Controls, and Toyota Security Guidelines.
- Manage audits, vendor due diligence, and GRC tools to maintain full risk visibility.
- Collaborate with Finance, Legal, Architecture, and external vendors on governance and assurance.
- Promote awareness and lead cybersecurity culture initiatives across Toyota NZ.
What You’ll Bring
- 5+ years in cybersecurity, risk, or compliance, with proven experience leading frameworks in medium to large enterprises.
- Deep understanding of ISO 27001, NIST, CIS Controls, and NZ Privacy Act.
- Strong communication and influencing skills, with the ability to translate risk into business impact.
- Experience managing audits, risk assessments, and regulatory alignment across hybrid and cloud environments.
- Certifications such as CRISC, CISSP, CISM, AZ-500, or equivalent (advantageous).
Apply now and be part of shaping Toyota New Zealand’s digital resilience journey.
Kia ora. Comspek and our clients fully support and encourage diverse hiring and inclusive recruitment processes. Don’t meet every single requirement of this job description? That’s OK. You do not need to tick every box or have expertise in the full JD. Comspek is dedicated to building diverse, inclusive and authentic workplaces based on different clients’ needs. So, if you’re excited about this role, we encourage you to apply.