Fulton Hogan, is one of New Zealand’s largest and most prominent companies.  It is a leader in the civil construction industry, privately owned with 10,000+ people strong across New Zealand and Australia.  They offer clients services in civil contracting, construction, infrastructure maintenance, quarrying and asphalt production and surfacing. They cover a diverse range of sectors including transport, infrastructure, water, energy, land development and quarrying.



This is a newly created, senior IT role arising due to the need to have a specialist to focus on this core area of IT management.  You will lead Fulton Hogan’s IT Risk Management function across Australia and New Zealand.  This will encompass Fulton Hogan’s own business operations, and those in which it is a member of an Alliance or Joint Venture.

Fulton Hogan operates an ISO 27001 Certified Information Security Management System (ISMS).  Central to the operation of their ISMS is the identification of risks which pose a threat to the Confidentiality, Availability, and Integrity of:

  • Fulton Hogan’s Information Systems.
  • Fulton Hogan’s Information.
  • Information we store and/or interact with on behalf of clients and other third parties.

Treating these risks involves the development, selection, and application of controls which, help manage and mitigate those risks.



Through effectively liaising with Stakeholders in the ISMS, Fulton Hogan’s own personnel, and personnel in Vendor and Partner organisations, via Fulton Hogan’s Risk Management Framework, you will maintain and manage our portfolio of risks. In summary this will involve:

  • Assist in developing the Group IT internal assurance strategy and annual plan of audits.
  • Maintaining the Group IT risk register. Develop and document risk action plans for each major risk area on the risk register, by working with in-business management teams who are responsible for day-to-day risk management processes.
  • Feed significant Group IT Risks into the Group Risk Register.
  • Business continuity management - support the Group IT function to create and maintain business continuity plans for their operations.
  • Advise and support the Group Risk & Assurance Manager on matters relating to IT risk and assurance.
  • Foster a culture within the Group IT operation that will allow risk and assurance to become a trusted advisor that supports Group IT in achieving and delivering on its strategic priorities.
  • Stay well informed of legislative and regulatory changes in Information Security and Risk governance.
  • Documenting and Assessing Risks.
  • Working with colleagues, vendors, and other advisors to develop, approve and implement risk treatment plans.
  • Monitoring and driving the implementation of risk treatment plans.
  • Conducting post treatment risk reviews.
  • Reporting on our risk portfolio.




To be successful in this role we are looking for a person with several of the following skills and knowledge:

  • Strong experience in IT Risk & Assurance and Information Security gained in another sizable organization or in several organisations if you come from a consulting background.
  • Understanding of policies and best practices of risk management, including ISO 31000, ISO 27000 (and its related standards), other risk treatment frameworks such as NIST and ASD Essential 8).
  • Strong collaboration skills and ability to work across both functional and geographical lines.
  • Demonstrated experience in Communicating, presenting insights and recommendations to stakeholders.
  • Ability to recognize and respond to diverse thinking styles, learning styles and cultural qualities.
  • Strong analytical skills with the ability to translate future vision into a set of clear deliverables.



An attractive remuneration package will be offered including salary, Medical Insurance for employee and immediate family (dependents up to 18 years of age), Life insurance, long service leave after 5 years, generous Kiwisaver contribution based on tenure, access to counselling and support services, Family scholarships applications, BP Fuel Discounts and other retail discounts.


For a confidential discussion, you can contact Richard Foster on 03 379 7002 / 021 85 45 45. To submit an application please press the Apply key.

FOSTERRA HR & Recruitment is exclusively managing this recruitment process on behalf of Fulton Hogan.

Engineering • Manufacturing • Electronics • IT&l;T • Infrastructure • Construction • Architecture
Group IT Risk and Assurance Manager
New Zealand
Christchurch - City ~ Canterbury
Job Group:
IT & T
Job Classification: