Risk & Controls Analyst

About Centrapay

Centrapay is rethinking how people pay and get rewarded, both in physical stores and online. The company helps businesses create digital assets and loyalty experiences that can be used across a wide range of places. Its partners include Coca-Cola, BNZ, and Farmlands, and it handles payments across New Zealand and Australia.

Centrapay’s payments platform sits at the core of its business, and its hero app, Payap, brings the platform’s key capabilities together in one place. This role sits within a fast-growing fintech environment where trust, control, and resilience are central to success.

Role Overview

The business is looking for a sharp and curious risk professional to take a hands-on role in strengthening controls, improving reporting, investigating unusual patterns, and helping shape how risk is managed across the organisation. The work is practical and influential, with close collaboration across engineering, product, operations, and leadership teams.

You will report to the CRO and work closely with the Senior Risk & Change Manager. This position is suited to someone who enjoys asking thoughtful questions, translating technical information into useful risk insight, and improving processes in a proportionate way as the company grows.

Controls & Assurance

• Help develop and strengthen the control framework across Centrapay and Payap.
• Design and validate controls that address identified risk gaps.
• Create assurance methods that work well in a fast-moving fintech setting.
• Own remediation of control issues and support recurring testing cycles.
• Keep supporting evidence and documentation organised for compliance purposes.

Reporting & Data

• Prepare reports covering risk, controls, and compliance matters.
• Review data for anomalies, trends, and information gaps.
• Assist with regulatory and governance reporting obligations.
• Look for opportunities to automate assurance and measurement activities.

Compliance & Accreditation

• Support audits, accreditations, and broader compliance programmes.
• Coordinate the gathering of evidence across different teams.
• Maintain registers, databases, and records related to compliance.

Information Security & Third-Party Risk

• Contribute to security risk reviews for systems and external vendors.
• Track vulnerability actions and remediation progress.
• Run risk workshops and keep risk records up to date.

What Success Looks Like

• A practical and repeatable approach to control testing has been established and used by the business.
• Risk and compliance reporting has become clearer, more efficient, and higher quality.
• Assurance and testing processes are increasingly automated.
• Strong working relationships have been built with engineering, product, and operations teams.
• The role becomes a trusted source of insight for the Risk function and leadership.

Experience Required

The ideal candidate will bring at least 5 years of experience in risk management, information security, or technology risk. Background in financial services or a regulated fintech environment is important. You should be comfortable working with both technical and non-technical stakeholders and able to explain complex ideas in straightforward language.

Strong analytical ability, problem-solving capability, attention to patterns in data, a process-improvement mindset, and excellent communication skills are essential. Prior payments experience is not necessary, as training and support will be provided.

Nice to Have

While not required, the company would value any exposure to ISO 27001, NIST CSF, or similar risk frameworks. Experience with GRC or ISMS platforms would be useful, as would familiarity with PCI DSS, CPS 234, or open banking/CDR compliance environments. A relevant degree or certification in risk, audit, information security, or a related field such as CISA or CRISC would also be an advantage.

Why Join Centrapay

You’ll be part of a rapidly growing fintech that is helping shape the future of payments. The culture values innovation, collaboration, and ambition, and the role offers competitive pay, growth potential, and the opportunity to make a real difference.

Benefits

Centrapay places strong emphasis on culture, wellbeing, and continuous improvement. The team regularly seeks employee feedback and works to maintain a positive, healthy workplace.

• Flexible working arrangements.
• Great office location at City Works Depot for those based in Auckland.
• Six weeks of annual leave.
• A MacBook Pro.
• An open, down-to-earth culture that values inclusion.
• Social activities both in person and online to help people stay connected.
• Sick leave available from day one.
• Free Southern Cross health insurance.
• Free life insurance.
• Extra parental leave entitlements.

Additional Information

Centrapay is partnering with BNZ to drive payment innovation and expand what is possible in the sector. More information about the company is available on its official website.