Risk & Compliance Analyst

We’re looking for a Senior Risk & Compliance Analyst to join Vista Group and play a key role in strengthening how we manage risk across our global business.

This is a hands-on, advisory role where you’ll partner with teams across the organisation to embed practical, scalable risk and compliance practices. You’ll provide meaningful insights, support regulatory obligations, and help ensure risk-informed decision-making at all levels.

You’ll also contribute to the ongoing maturity of our control environment, supporting areas such as third-party risk management and SOC 2 assurance activities.

About the role

Risk & Compliance

• Facilitate risk and control assessments and support the development of effective mitigation strategies
• Maintain and enhance risk registers, control inventories, and business continuity plans
• Provide practical, guidance-led support aligned to Vista’s risk framework and regulatory requirements

Third-Party Risk

• Manage key components of our third-party risk management (TPRM) processes
• Conduct vendor risk assessments and ongoing monitoring
• Partner with internal stakeholders to manage issues and ensure appropriate oversight

SOC 2 & Assurance

• Support SOC 2 audit processes, including coordinating evidence and responses
• Assist with internal control assurance activities and monitoring compliance
• Track and report on risk events and contribute to trend analysis and insights

Metrics & Reporting

• Develop and monitor key risk and performance metrics
• Support the preparation of risk reporting for senior leadership
• Provide clear, timely insights to support business decision-making

Continuous Improvement

• Identify opportunities to strengthen Vista’s control environment
• Provide risk input into business initiatives, projects, and change activities
• Support the development and uplift of risk and compliance practices

Education & Documentation

• Help develop and maintain policies, standards, and procedures
• Contribute to risk training and awareness across the business
• Produce high-quality documentation to support consistent practices

About Vista

Vista is a world-leading company that makes software for the cinema industry. Started in Auckland, New Zealand, over 25 years ago, we now serve cinemas, film distributors, and moviegoers worldwide.

Our HQ is in the City Works Depot in Auckland. We have offices and subsidiary companies in Sydney, Los Angeles, London, Amsterdam, Cape Town, Shanghai, Mexico City, and Kuala Lumpur. We use the latest technologies and offer a fun, agile and collaborative environment. We continue to innovate and build our reputation as one of the best Kiwi tech companies to work for.

Requirements

You'll Need:

• Around 3+ years’ experience in risk, compliance, or assurance (first or second line)
• Experience conducting risk and control assessments and working with stakeholders across the business
• Knowledge of frameworks such as SOC 2
• Experience supporting third-party risk management and vendor assessments
• Exposure to privacy regulations (e.g., GDPR, CCPA, NZ Privacy Act)
• Strong written and verbal communication skills, with the ability to influence and challenge constructively
• A proactive, detail-oriented approach with strong analytical capability

Nice to have:

• A degree in IT, risk, business, or a related field
• Relevant certifications (e.g. CRISC)

Benefits

You will be supported to continually learn and improve your skills, share knowledge and ideas in the team, and be part of a dynamic and open culture.

We have a range of benefits that include:

• Excellent work/life balance including a 4 ½ day working week
• Hybrid working
• Medical and Life insurance
• Volunteer day, enhanced paid parental leave and wellness benefits
• Strong mentoring & career development focus
• Fun team events including the Vista Innovation Cup

Shared Standards 

Our Shared Standards act as a compass for how we work together and reflect the behaviours we value at Vista Group. The way in which each member of our crew embodies these Shared Standards is an indicator for performance and success, as it aligns with our vision and strategy.   

One Crew 

• We're a diverse team, in different places and functions, and we're at our best when we connect, help and collaborate.  

Shine a Light 

• We communicate openly, we explain the why, and we ask when we don't understand. We don't leave people in the dark. 

Make it Happen 

• We make good things happen as people and as teams through our focus on delivery. 

Chase Great 

• We challenge ourselves and each other to keep improving. 

We value inclusivity celebrate diversity and are committed to offering equal opportunity to our staff and candidates — regardless of gender, age, race, ethnicity, marital status, disability, sex, sexual orientation, religious, ethical beliefs or political opinion. This commitment is reflected in all our employment policies and procedures.