Job Description
Working across the business you’ll identify and limit risks, collaborating with internal cross-functional teams to achieve effective and efficient operational risk management practices throughout the organisation.
Focusing on technology, cyber and information security, you’ll manage various risk programmes of work, with primary responsibility for planning and leading end-to end implementation of SOC2 controls, tools, and processes, across our global business, to achieve certification.
About the role
- Using your project management experience, you’ll lead the effective end-to-end implementation of SOC2 certification for Vista Group
- You will provide guidance and support to the business through the facilitation of risk and control assessments and development of appropriate mitigation strategies
- Assist with maintaining the risk register, controls inventory and business continuity plans
- Develop and monitor key performance and risk metrics to track potential changes in risks and compliance with established policies and standards
- Identify and recommend improvements within Vista Group’s control environment
- Provide agile risk in change support and expertise on regulatory and business changes, projects and improvement initiatives
- Develop and implement policies and procedures to ensure compliance with regulations and industry best practice, including technical documentation to guide the business
- Assist with developing a risk and compliance training programme in conjunction with internal stakeholders
- Perform appropriate control assurance activities, monitor compliance activities, record, monitg and investigate risk events/incidents, and assist with the preparation of trend analysis and reporting for senior management
About Vista
Vista is a world-leading company that makes software for the cinema industry. Started in Auckland, New Zealand, over 25 years ago, we now serve cinemas, film distributors, and moviegoers worldwide.
Our HQ is in the City Works Depot in Auckland. We have offices and subsidiary companies in Sydney, Los Angeles, London, Amsterdam, Cape Town, Shanghai, Mexico City, and Kuala Lumpur. We use the latest technologies and offer a fun, agile and collaborative environment. We continue to innovate and build our reputation as one of the best Kiwi tech companies to work for.
You’ll need:
- Strong knowledge of security frameworks such as SOC2 and NIST
- A good understanding of ISO27001 and PCI DSS standards and compliance
- Extensive experience conducting technology risk and control assessments or audits
- Experience writing policy and procedure documentation
- Project management / change management experience, preferably software technology related
- Great communication and stakeholder management skills
- Analytical thinking and problem solving skills, with the ability to examine problems and solutions from all sides
- Bachelor’s degree in information technology or relevant industry-based certification is desirable
You will be supported to continually learn and improve your skills, share knowledge and ideas in the team, and be part of a dynamic and open culture.
We have a range of benefits that include:
- Excellent work/life balance including a 4 ½ day working week
- Hybrid working
- Medical and Life insurance
- Volunteer day, enhanced paid parental leave and wellness benefits
- Strong mentoring & career development focus
- Fun team events including the Vista Innovation Cup
Shared Standards
Our Shared Standards act as a compass for how we work together and reflect the behaviours we value at Vista Group. The way in which each member of our crew embodies these Shared Standards is an indicator for performance and success, as it aligns with our vision and strategy.
One Crew
- We’re a diverse team, in different places and functions, and we’re at our best when we connect, help and collaborate.
Shine a Light
- We communicate openly, we explain the why, and we ask when we don’t understand. We don’t leave people in the dark.
Make it Happen
- We make good things happen as people and as teams through our focus on delivery.
Chase Great
- We challenge ourselves and each other to keep improving.
We value inclusivity celebrate diversity and are committed to offering equal opportunity to our staff and candidates — regardless of gender, age, race, ethnicity, marital status, disability, sex, sexual orientation, religious, ethical beliefs or political opinion. This commitment is reflected in all our employment policies and procedures.
