Build a safer digital future with Cianaa.
Join a 23-person ecosystem of cybersecurity, compliance and AI-governance practitioners delivering ISO 27001, 27701, 42001 and PCI DSS engagements across New Zealand, Australia and the wider Asia-Pacific region.
ISO 27001 · 27701 · 42001
Lead Implementer and Lead Auditor pathways with funded PECB training enrolment.
PCI DSS · PCI 3DS QSA
QSA assessor track for experienced cyber/audit practitioners with regulated scope.
4 universities · NZ & APAC
EIT, University of Auckland, NUST and LUMS — hybrid intern programme on live engagements.
Real engagements. Real mentors. Real impact.
Cianaa consultants work on live ISO, PCI DSS and AI-governance programmes for organisations across Asia-Pacific — alongside QSAs, ISO 27001/27701/42001 Lead Auditors and the wider Cianaa subject-matter expert network.
Work that matters, mentors who lift you up.
Three things you’ll find inside Cianaa from day one — whether you join as an intern, a consultant or a lead auditor.
Live engagements from week one
You won’t shadow paperwork. New joiners are paired with a Lead Auditor on real client gap assessments, audits and implementations — with appropriate supervision and NDA scope.
Mentor-led growth, not loose mentorship
Every consultant is paired with a Cianaa SME on a structured 90-day onboarding plan, followed by quarterly career conversations and explicit certification milestones.
Funded PECB-accredited training
Cianaa is a PECB-partnered training organisation. We fund and enrol you in Lead Implementer / Lead Auditor pathways for the standards in your career track — at no cost to you.
Six tracks. One ecosystem.
Cianaa hires across six practice tracks — covering Information Security, Privacy, AI Governance, Payment Card Industry assessment, Risk & Compliance and the structured Internship pipeline.
Track 01
ISO/IEC 27001 Lead Implementer & Auditor
Design, implement and audit Information Security Management Systems for clients across financial services, healthcare, fintech and government.
Track 02
ISO/IEC 27701 Privacy Consultant
Privacy Information Management programmes aligned to NZ Privacy Act 2020, Australian Privacy Act and GDPR — extending ISMS into PIMS.
Track 03
ISO/IEC 42001 AI Governance Consultant
Establish AI Management Systems for organisations deploying machine-learning and generative-AI in regulated industries.
Track 04
PCI DSS & PCI 3DS QSA Auditor
Regulated QSA assessment work across PCI DSS v4 and PCI 3DS for acquirers, processors, merchants and 3DS service providers.
Track 05
Cybersecurity & Risk Analyst
Threat modelling, control-monitoring engagements, gap assessments, third-party risk reviews and incident-response readiness for enterprise clients.
Track 06
Cianaa Internship Programme
12-week and full-year hybrid internships with structured mentorship — open to students at our four university partner institutions.
From intern to subject-matter expert.
A transparent four-stage progression with named milestones and funded certification at every step.
Internship
12-week or full-year placement. Shadow + supervised contribution on live engagements with mentor pairing.
Associate Consultant
Own deliverable workstreams on client gap assessments and implementations. PECB Lead Implementer enrolled.
Lead Auditor
Run client engagements end-to-end. ISO 27001/27701/42001 Lead Auditor certified. Mentor associates.
Subject-Matter Expert
Define methodology for a practice area. Train across Cianaa. Speak at industry events. Shape the firm.
Built for practitioners, not seat-warmers.
Practical benefits that compound your career — at every stage from internship through SME.
Funded PECB certifications
Lead Implementer / Lead Auditor enrolment fully funded for your track.
Hybrid & remote-first
Combine Auckland-based client work with remote delivery and flexible hours.
Quarterly career reviews
Named milestones, not vague “check-ins”. Clear path to the next stage.
Live-client portfolio
Your CV grows real, not theoretical — across ISO, PCI DSS, privacy and AI governance.
SME mentorship
Paired with a Lead Auditor / SME from day one for structured 90-day onboarding.
Mission-driven work
Protect the data, payments and AI systems that organisations across APAC depend on.
Four university partnerships across two regions.
Cianaa’s structured internship pipeline runs in formal partnership with the following institutions. Internship applications are coordinated through your university’s careers office or directly via careers@cianaatech.com.
Eastern Institute of Technology
Applied IT and cybersecurity students — hybrid internships paired with NZ-based Cianaa Lead Auditors.
University of Auckland
Computer Science, Information Systems and Security students — programme aligned to APAC client engagements.
NUST
National University of Sciences and Technology — School of Electrical Engineering and Computer Science cohort.
LUMS
Lahore University of Management Sciences — SBASSE Computer Science cohort with cyber/AI specialisations.
How to apply — four steps.
A transparent process calibrated to your seniority and chosen track — typically completed within two weeks.
Submit your CV
Email your CV, a short cover note and one paragraph on a compliance or cybersecurity problem you’d like to solve to careers@cianaatech.com.
Initial screening call
A 30-minute introductory call with a Cianaa Talent Lead covering your background, motivations and preferred career track (implementation, audit, advisory or internship).
Technical conversation
A scenario-based discussion with a Cianaa Lead Auditor or Subject-Matter Expert — calibrated to your role’s seniority and target standard (ISO 27001/27701/42001, PCI DSS or PCI 3DS).
Offer & onboarding
For successful candidates: an offer, accredited PECB training enrolment as appropriate, and a personalised 90-day onboarding plan with a Cianaa SME mentor.
Careers FAQ
Quick answers about working at Cianaa — tracks, locations, certifications, internships and applications.
What career tracks does Cianaa Technologies hire for?
Cianaa hires across six tracks: ISO/IEC 27001 Lead Implementer/Auditor, ISO/IEC 27701 Privacy Consultant, ISO/IEC 42001 AI Governance Consultant, PCI DSS / PCI 3DS QSA Auditor, Cybersecurity & Risk Analyst, and the Cianaa Internship Programme with EIT, NUST, University of Auckland and LUMS.
Where is Cianaa Technologies based and where do you hire?
Cianaa is headquartered in Auckland, New Zealand. We hire across New Zealand, Australia and the wider Asia-Pacific region — with most roles offering hybrid or remote-first arrangements.
Do I need to be a certified auditor to apply?
No. Certifications (ISO 27001 LA, PECB Lead Implementer, PCI QSA) are valued but not required at entry. Cianaa funds and enrols hired consultants in the appropriate PECB-accredited training pathway during onboarding.
What does the Cianaa internship programme involve?
The programme runs with Eastern Institute of Technology (EIT, NZ), University of Auckland (NZ), NUST (Pakistan) and LUMS (Pakistan). Interns work alongside Cianaa Lead Auditors on real client engagements (with appropriate supervision and NDA controls) across ISO 27001, 27701, 42001 and PCI DSS.
Are roles remote, hybrid or on-site?
Most consultant roles are hybrid — combining on-site client work (Auckland and wider New Zealand) with remote delivery. QSA Assessor roles involve regulated on-site work at client locations. Internships are hybrid with structured in-person mentor sessions.
How do I apply if there are no current openings listed?
Cianaa accepts speculative applications year-round. Email your CV and a short cover note to careers@cianaatech.com — applications are reviewed monthly and held on file for matching openings across all six career tracks.
Ready to take it to the next level?
Send us your CV, a short cover note and one paragraph on a compliance or cybersecurity problem you’d like to solve. We review applications monthly across all six career tracks.
Email careers@cianaatech.com →