Security & Privacy Officer

Maternity Cover (1 year) Oct 2021 – 2022

Wellington, New Zealand

Optimal Workshop is building discovery tools for crafting better human experiences. Our software is used by experience designers, information architects and user researchers in over 100 countries and in over 70 languages worldwide.


The Security & Privacy Officer reports to the Chief Operating Officer (COO) and is responsible for the development and delivery of Optimal Workshop’s information security and privacy strategy and practice. This involves leading, coordinating and reviewing Optimal’s strategic and operational activities within the information security and privacy space, and includes facilitating governance, and implementing appropriate policies and procedures to manage information security & data privacy risk within Optimal Workshop.

The Security & Privacy Officer is also responsible for advising Optimal Workshop’s Leadership Team on Optimal’s compliance with data protection laws, monitoring our adherence to privacy and security standards and supporting the COO as a point of contact with supervisory authorities and data subjects. 

Key Responsibilities

Information Security & Privacy Governance

  • Advise and support the Leadership Team with the integration of information security & data privacy practices into Optimal’s strategic and operational planning processes.
  • Lead the development and implementation of the organisation’s security and privacy policies ensuring best practice methodology in line with relevant legislation and industry standards.
  • Lead the development and implementation of the information security and data privacy programme of work.
  • Report to the Leadership Team on information security & privacy strategy and breach / incident management.
  • Advise and support the COO on providing oversight of Optimal Workshop’s security & privacy risk exposure and articulate emerging trends for the organisation’s risk register.

Information Security & Privacy Management

  • Engage with delivery teams, subcontractors and third-party vendors to ensure projects, tools and Optimal Workshop applications are designed, integrated and/or implemented in line with organisational policies and industry best practice standards.
  • Manage the monitoring of new and evolving threats and engage with internal and external stakeholders to ensure appropriate and ongoing security and privacy controls are in place within Optimal Workshop.
  • Work with Optimal staff and third-party vendors to ensure the suitability of controls in place as well as provide assurance over the implementation of security and privacy controls on an ongoing basis.
  • Working with Optimal’s legal advisors to track and manage data privacy risks within Optimal Workshop.

Reports to: Chief Operating Officer, within the Operations Tribe

Note: This is not a remote opportunity. Due to Covid 19 border restrictions, candidates are required to be based in, and legal to work in New Zealand. 

We like to do things differently at Optimal Workshop – Do you?