Security Compliance Engineer

Auckland, Auckland, New Zealand

Applications have closed

Auror

What is life like working at Auror? Our mission is to empower the world's retailers to stop crime, for good. View the latest job openings & apply today!


About Auror

At Auror, we’re empowering the retail industry to tackle theft and Organised Retail Crime, a $150 Billion problem globally. It’s high volume crime that’s increasingly organised in nature and is putting people, retailers, and communities at risk every day.

Founded in New Zealand 11 years ago, we’re working with some of the best and largest retailers in the world across the US, Canada, Australia, New Zealand, and the UK.

Auror is connecting people and intelligence to reduce crime. We’re using technology for good. 

In partnership with our leading retail partners, we need people with the passion, determination, and innovation required to overcome one of the world's largest problems. If you’re looking to make a difference with and for the people dedicated to stopping crime, for good, then we want you on our team.

The Role

In the role of Security Compliance Manager in the Information Security team, you will be responsible for working on various customer-facing activities, ensuring Auror controls match customer requests, controls and processes! You will also lead the efforts to ensure that compliance controls are met and maintained for Auror. You will be working with our customers and our internal teams, evaluating security and compliance-related inquiries. Reporting directly to the Director of Information Security, you will lead, drive, and monitor programs and initiatives to empower our Customer teams in building secure relationships and our internal teams in managing our compliance portfolio. You will be a part of the story within Auror to innovate and improve in the Security space.

Providing cross-functional coordination with Engineering and Product Management, and inter/intra team communications to deliver outstanding program outcomes is a part of the core DNA of Security Compliance Engineers. Work closely with software engineers, product managers and other engineering teams to get high-quality products and features through the software project lifecycle (build, test and release on time). Manage project schedules, identify possible issues and clearly communicate them to project stakeholders. Identify opportunities to improve execution of the organization as a whole, to increase engineering productivity through tools and process improvements.

This role partners closely with Platform, Product, & Customer teams to ensure the processes and communications developed by Security are high quality and support providing exceptional experiences to our people. It’s important that the person in this role has a pragmatic approach, knows what great looks like and is keen to build this out further at Auror as we scale.

Some of the responsibilities of this role include:

Modern Information Technology

  • Collaboration and Partnership: Work closely and seamlessly with Customer teams on security requests, customer audits, and compliance initiatives.
  • Security/Compliance Metrics and Reporting: Develop and track key security and compliance metrics company-wide. Use data-driven insights to continuously improve our security practices. Provide regular reports on security metrics, incidents, and the overall security posture to executive leadership and stakeholders.
  • Managing GRC Platform: Work with our governance and risk platform tools to manage our ongoing SOC & ISO compliance activities. 
  • Secure and Privacy-Minded Solution: Collaborate with machine learning, search, product, infrastructure, data, and frontend teams to gather audit evidence.
  • Risk Mitigation: Collaborate with all departments at Auror to understand business and technical risks, taking measures to reduce or mitigate them while enhancing our overall security and compliance posture.
  • Program Management: Efficiently manage complex and large-scale cross-team, cross-functional initiatives related to security and compliance.
  • Resource Management and Communication: Interface with engineering managers and engineers to estimate work efforts, define milestones, manage resources, and communicate progress to project stakeholders.
  • Obstacle Removal and Momentum: Proactively identify and remove obstacles, ensuring smooth progress. Handle issue escalations and support teams juggling competing priorities.
  • Results-Driven Approach: Demonstrate a proactive and results-oriented approach to achieve security objectives.

This role reports to Scotland Symons, Director of Information Security

Scotland has been working in the technology and security industry for the last twenty years and has worked for Microsoft, Apple, Amazon, and a few more. Coming to Auror from the US, she runs the security team at Auror, focusing on all of our efforts to secure the platform and code and to protect Auror and its customers.

Security for me is about critical thinking and flexibility: to figure out how to protect something, I lean in on how that thing works and from there can define ways to protect it. Security is also not linear and requires lots of exploration and constant learning, and so my approach is that of curiosity. I try to weigh the needs of immediate protective action with long-term Security efforts while weighing the need of keeping the business going. The role of Security can sometimes be stressful, especially in times where there is an incident, and so I try to approach things with deep honesty as well as levity. I always keep failure in mind but don’t look at it as a dead end but rather an opportunity to learn how to get up and keep going. I deeply love science and art and am a huge fan of science fiction. I love exploration, riding motorcycles, cooking, robots, and my cats. I’m deeply excited to work with others that want to dive in and try and solve problems and be curious about the why and how of things, and the patience to allow for others to come along on the journey of thinking critically and having assumptions challenged. Check out my LinkedIn here.

Requirements

About you

  • Experience project managing large scale and complex software initiatives.
  • Effective verbal and written communication and presentation skills, with the ability to interact with technical and non-technical groups.
  • Excellent analytical, problem-solving, consultation and organisational skills.
  • 4+ years of experience in the Security/Privacy space as a compliance or Program Manager (or equivalent).
  • Experience in improving, reporting, and measuring security/privacy metrics across an organization.
  • Expertise in cloud infrastructure such as Google Cloud and/or Azure.
  • Strong relationship-building skills to influence and motivate diverse job functions.
  • Exceptional organisational abilities to manage multiple competing priorities effectively.
  • Ability to make objective decisions based on understanding complex concepts.
  • Eagerness to delve into problems, drive alignment, and assist with execution through well-documented plans.
  • Strong knowledge of security best practices, standards, and frameworks as well as regulatory requirements in environments with compliance requirements (SOC2, ISO27001, NIST, CJIS, etc.)
  • Experience with back-up & recovery mechanisms, high availability, and disaster recovery planning.
  • Strong communication skills, with the ability to effectively communicate security concepts to non-technical stakeholders.

We are looking for people who demonstrate a strong alignment to our Guiding Principles (you can find these on our Careers page).

With diversity and inclusion at the forefront of Auror’s guiding principles, we promote a culture that celebrates diversity and inclusiveness at Auror, regardless of, but not limited to, race, gender, sexual orientation, family status, religion, ethnicity, national origin, physical disability, veteran status, or age.

Benefits

  • Competitive salary range: Depending on level of experience, $110,000 - $134,000 NZD.
  • Employee share scheme: You’ll own part of a company making a real difference!
  • Flexibility: We are hard-working and outcome focused, but recognise there is more to life than work. We promote a healthy work/life blend.
  • Shorter work weeks (at full pay): Everyone gets Friday afternoons off, so you can start your weekend early, and do more of whatever it is that makes you happy.
  • Focus on mental and physical health: We understand how vital our health is and have policies to support your wellness, including Wellness Days and up to three expert sessions paid for every year.
  • Health Care Plan: From 1 April ‘24, Auror covers 100% of the cost of your individual health insurance plan.
  • Family-friendly: We offer comprehensive parental leave and benefits for primary and non-primary caregivers, including a baby bonus and meals delivered to your door.
  • Personal growth: We support our team to participate in courses, conferences, or events that will help them develop their skills.
  • Team love: We have regular team lunches and social events where most (if not all) activities are during work hours.

Next steps:

If you’re excited about our mission and you have experience and a passion for this role, please hit “Apply” below. 

We’re proud that Auror is a place where everyone can learn and grow. So if you’re not sure that you tick all the boxes but feel you’re close to what we’re looking for, please apply anyway as we’d love to hear from you! 

Once you apply, you’ll hear from us to acknowledge your application. If you have questions about any of the above, or if you have any accessibility requirements, we’ll be able to help you from there.
