To Apply for this Job Click Here
About the Team
The Governance, Risk, and Compliance (GRC) team is small but impactful, reporting directly to the Senior Director of Security. The team leverages platforms and automation to build efficiency and scale in areas such as vendor security reviews, compliance framework reporting, and controls documentation.
About the Role
This role will work closely with the current GRC Lead to mature vendor information security review processes. Responsibilities will include building new workflow automations, managing the library of existing vendor documentation, and partnering with Strategic Sourcing, Procurement, and Legal stakeholders to strengthen vendor security practices.
A typical day may begin with monitoring midstream onboarding reviews and updating stakeholders on their status, followed by collaborating on workflow integrations. Additional tasks may include reviewing existing vendors’ documentation status or initiating new reviews during contract renewals (or working to automate that process). The ideal candidate will proactively improve daily processes and grow into new responsibilities over time, such as documenting controls compliance or supporting audit efforts.
Technical Skills
Must Have
-
A self-starter; comfortable operating in uncertain environments and working independently
-
Experience with technology vendor management, including cloud providers and other third-party vendors
-
Compliance and risk management expertise
-
Effective vendor management skills
-
The ability to communicate frequently in an inclusive, thoughtful, and kind manner
Nice to Have
-
Experience as a Cybersecurity Analyst
-
Knowledge of controls analysis and implementation
-
Audit documentation experience
-
Familiarity with controls compliance
Additional Details
-
Full-time: 40 hours per week
-
Duration: Through March 2026
-
Remote and hybrid eligible, within time zones between PST and EST
T1429524NYC_1758579002