Security Compliance Analyst
IT, Legal
Auckland, New Zealand
NZD 90k-120k / year + Equity
About Auror
At Auror, we’re empowering the retail industry to tackle theft and Organised Retail Crime, a $150 Billion problem globally. It’s high volume crime that’s increasingly organised in nature and is putting people, retailers, and communities at risk every day.
Founded in New Zealand 12 years ago, we’re working with some of the best and largest retailers in the world across the US, Canada, Australia, New Zealand, and the UK. Auror is connecting people and intelligence to reduce crime. We’re using technology for good.
Our mission is clear: reduce violent retail crime by 50% in 5 years. It's an ambitious goal - and one we believe is achievable. In partnership with our leading retail partners, we need people with the passion, determination, and innovation required to overcome one of the world's largest problems. If you’re looking to make a difference with and for the people dedicated to stopping crime, for good, then we want you on our team.
We're also embracing the potential of AI to supercharge our impact - whether that's enhancing the way we detect trends, support our customers, or improve internal workflows. As a company, we're committed to responsibly incorporating AI into how we work and what we build, and we encourage all Aurors to be curious about how AI can elevate their work, regardless of role or function.
The Role
In the role of GRC Analyst within the Security Compliance & Customer Trust pillar, you will own the day-to-day operations that keep Auror's compliance programme running — and our customers confident. Your primary focus is questionnaire operations: you manage the intake queue, maintain the answer library, and draft first-pass responses so our compliance work moves quickly and accurately. You will also support SOC 2 readiness, Vanta administration, and Trust Centre documentation under the guidance of the GRC Lead.
Reporting directly to the Senior Director of Information Security, you bring strong written communication and a high ownership mindset to a role that sits at the intersection of security, sales, and customer trust. You keep the pipeline moving, flag risks before they become problems, and help build the infrastructure that lets Auror answer customer security questions at scale.
This role partners closely with Sales, Customer Success, and Engineering to ensure questionnaire responses are accurate, timely, and reflect Auror's current security controls. You are process-oriented, comfortable managing a queue with competing priorities, and confident communicating under deal-cycle pressure.
Responsibilities
Questionnaire Intake and Triage: Own the questionnaire intake queue — log incoming requests, track deadlines, and maintain a live status tracker so nothing falls through. Flag at-risk SLAs to the GRC Lead and coordinate with Sales and Customer Success on customer expectations.
Answer Library Management: Maintain a library of pre-approved, evergreen responses covering security controls, data handling, sub-processors, and incident response. Target first-pass coverage of ~80%+ without GRC Lead review.
First-Pass Completion: Draft responses to standard security questionnaires — SIG Lite, CAIQ, and custom customer formats — by drawing on the answer library and current control documentation. Escalate novel or sensitive items to the GRC Lead with clear context.
SLA and Pipeline Visibility: Own completion metrics — report progress to the GRC Lead, and proactively surface any risks to delivery timelines.
SOC 2 and Vanta Support: Help coordinate the audit readiness calendar (evidence windows, policy reviews, vendor reviews) under GRC Lead direction. Manage alerts and vendor records in Vanta as part of Auror's continuous compliance posture for SOC 2 and future audit programmes.
Linear Ticket Management: Create and track Linear tickets for findings that require remediation or input from other teams. Follow up to make sure items do not stall.
Audit Support: Support annual audit activities by collecting and organising evidence, tracking audit-related tickets, and archiving materials for reference.
Trust Centre Documentation: Prepare documents for review and inclusion in Auror's Trust Centre, ensuring accuracy and consistency with current control posture.
This role reports to Scotland Symons, Senior Director of Information Security
Scotland has been working in the Technology & Security industry for the last twenty years and has worked for Microsoft, Apple, Amazon, and a few more. Coming to Auror from the US, she runs the security team at Auror focusing on all of our efforts to secure the platform, code and efforts to protect Auror and its customers. In her own words below:
“Security for me is about critical thinking and flexibility, Security is also not linear and requires lots of exploration and through good iteration driving towards the goal of good architecture. I try to weigh the needs of immediate action with long term Security & Engineering efforts while weighing the need of keeping the business going. The role of Information Security can sometimes be stressful especially in times where there is an incident and so I try to approach things with deep honesty as well as levity. I always keep failure in mind but don’t look at it as a dead end but rather an opportunity to learn how to get up and keep going.”
Requirements
2–3 years of experience in GRC, IT audit, or security operations
Familiarity with SOC 2 trust service criteria
Experience with questionnaire tools (Conveyor, Responsive, RFP360, or similar) — or a strong desire to build that muscle
Comfort with Vanta or similar compliance automation (nice to have)
Strong written communication — you will be the first voice customers hear on security questions
Process-oriented with high ownership on deadlines; comfortable managing a queue with competing priorities
Ease working cross-functionally with Sales and Customer Success under deal-cycle pressure
Curiosity, humility, and openness — seeks and shares feedback with intent, learns from setbacks, and adapts with resilience
Acts as a positive, collaborative team member who builds trust, invites healthy dissent, and holds themselves and others accountable to shared outcomes
We are looking for people who demonstrate a strong alignment to our Guiding Principles (you can find these on our Careers page).
With diversity and inclusion at the forefront of Auror’s guiding principles, we promote a culture that celebrates diversity and inclusiveness at Auror, regardless of, but not limited to, race, gender, sexual orientation, family status, religion, ethnicity, national origin, physical disability, veteran status, or age.
Benefits:
Competitive salary range: Depending on level of experience, between $90,000 - 120,000 (IC2).
Annual bonus: Eligibility for a $2,200 bonus at the end of the financial year if we’ve hit our revenue goals together.
Employee share scheme: You’ll own part of a company making a real difference!
Flexibility: We are hard-working and outcome focused, but recognise there is more to life than work. We promote a healthy work/life blend.
Shorter work weeks (at full pay): Everyone gets Friday afternoons off, so you can start your weekend early, and do more of whatever it is that makes you happy.
Health insurance: We prioritise looking after your health by covering 100% of your individual health insurance plan with nib.
Focus on mental and physical health: We understand how vital our health is and have policies to support your wellness, including Wellness Days, and up to $750 for expert sessions every year.
Family-friendly: We offer comprehensive paid parental leave - 12 weeks for birth parents and 6 weeks for non-birth parents following birth, adoption, or surrogacy, available to all Aurors from day one.
Personal growth: We support our team to participate in courses, conferences, or events that will help them develop their skills.
Team love: We have regular team lunches and social events where most (if not all) activities are during work hours.
What are the next steps?
If you’re excited about our mission and you have the experience and a passion for this role, please hit “Apply”.
If you’re not sure that you tick all the boxes but feel you’re close to what we’re looking for, please apply anyway! We’re proud that Auror is a place where everyone can learn and grow so we’d love to hear from you.
You'll be asked to submit a cover letter as part of your application. While this is optional we do encourage it, as we find cover letters can tell a story that resumes alone often cannot. Our hiring team love to understand what attracted you to this role and why you are excited about the opportunity to join Auror.
Once you apply, you’ll hear from us to acknowledge your application. If you have questions about any of the above, or if you have any accessibility requirements, we’ll be able to help you from there.