Third Party GRC Analyst
Third Party GRC Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
$ 90000 - 120000
1 Vacancy
Job Description
Job Title: Third Party GRC Analyst
Primary Location: Los Angeles CA (Remote)
Position Type: Direct Hire
OVERVIEW:
TalentFish is partnered with our client to find a Third Party Governance Risk and Compliance (GRC) Analyst! This position is a key role within the Information Security team and supports the execution of Third Party Risk Management (TPRM) Client Compliance and IT Risk Management programs. The ideal candidate will have strong experience across the GRC lifecycle and a passion for identifying and mitigating third-party risks in a highly regulated environment.
WHAT YOULL DO:
The Third Party GRC Analyst will be responsible for:
Supporting all phases of the TPRM lifecycle from onboarding to offboarding vendors.
Conducting third-party risk assessments to identify and mitigate privacy and security risks.
Requesting reviewing and tracking due diligence documentation using MS Excel and/or Confluence.
Reviewing vendor risk documentation (e.g. SIG questionnaires SOC2 Type II SSAE18 reports policies etc.).
Applying knowledge of NIST CSF and regulatory frameworks (GDPR etc.) in risk assessments.
Collaborating with internal stakeholders to track and report on vendor issues and remediation.
Coordinating InfoSec evaluations of vendor security controls.
Assisting with key risk reporting and metrics development.
Partnering with Procurement/Contracts teams to support vendor agreement reviews.
Supporting Client Compliance efforts including assessment responses and coordination with clients.
Contributing to continuous improvement initiatives within the GRC program (including automation).
Staying current on developments in TPRM and GRC practices.
Participating in various ad hoc GRC and risk-related projects.
WHAT YOULL NEED:
Proficiencies:
Strong understanding of TPRM and the outsourcing lifecycle.
Working knowledge of GRC best practices frameworks and principles.
Familiarity with security and privacy regulations such as NIST ISO GDPR CCPA.
Highly organized with attention to detail and the ability to work independently.
Strong written and verbal communication skills.
Ability to collaborate with internal and external stakeholders across functions.
Qualifications:
3 years of experience in Third Party Risk Management GRC InfoSec or related roles.
Experience in regulated industries (financial legal healthcare) or with Big 4 consulting firms.
Demonstrated ability to manage vendor cybersecurity evaluations.
Professionalism accountability and a commitment to excellence in risk and compliance.
Compensation Information
The expected salary range for this position is $90000-$120000 per year depending on experience and qualifications. This role also offers comprehensive benefits including health insurance a 401(k) plan and paid time off. TalentFish is committed to pay transparency and equal opportunity. The salary range provided complies with applicable state and federal regulations.
This role requires authorization to work in the U.S. without current or future visa sponsorship.
All offers are contingent upon the completion of a background check which may include but is not limited to reference checks education verification employment verification drug testing criminal records checks and any required certifications or compliance requirements based on the end clients background check policies and applicable laws.
TalentFish is an employee-owned company pioneering a new realm in talent acquisition. We are redefining IT staffing by evolving AI video screening and our unique platform. TalentFish focuses on delivering the best possible experience for employees consultants and clients.
At TalentFish we are an Equal Opportunity Employer; we embrace and encourage diversity!
Employment Type
Full Time
