3rd Party Governance, Risk and Compliance (GRC) Analyst (Law Firm Exp) Job at SourcePro Search, LLC, Los Angeles, CA

cVlqUlpGM3duYlg0aEpXTTdDRy9WSmFFRFE9PQ==
  • SourcePro Search, LLC
  • Los Angeles, CA

Job Description

We are conducting a search for an experienced Third Party Governance, Risk and Compliance (GRC) Analyst with a minimum of three years’ experience and a background in working with Big 4 consulting firms, financial institutions, or other highly regulated industries.

The ideal candidate will join the InfoSec team to assist in executing the Third Party GRC function, which includes Third Party Risk Management (TPRM), Client Compliance and IT Risk Management. This includes facilitating activities across the GRC lifecycle to identify and address risks related to TPRM, Client Compliance, IT Risk, and proven ability to support due diligence, ongoing risk assessments and monitoring across functional areas. The Third Party Governance, Risk and Compliance (GRC) Analyst will be responsible for coordinating GRC efforts, including the review of cybersecurity controls of third-party vendors and vendor hardware, software, and services in alignment with the organization’s current IT risk management standards.

What You'll Do:

  • Work closely with the TPRM Manager in the key phases of the Third-Party Risk Management lifecycles from pre-onboarding to off boarding of vendor relationships;
  • Assist in facilitating third party risk assessments for initial due diligence and ongoing evaluation of third-party vendor services to identify potential privacy and security related risks;
  • Request, review and track vendor due diligence documents utilizing MS Excel and/or Confluence, including vendor follow up and due diligence analysis;
  • Manage distribution and assist in the review of required vendor cyber risk documents, such as third-party risk assessment questionnaires (e.g., SIG), audited reports of controls (i.e., SSAE18, SOC2 Type II, etc.), vendor security policies and other information to support the identification and evaluation of potential outsourcing risks;
  • Demonstrate a general understanding of industry standards (such as NIST CSF) and the regulatory landscape (such as GDPR) to assist in providing comprehensive assessments across the GRC domains;
  • Work with third parties and internal stakeholders to identify, track and report identified issues and risk remediation efforts;
  • Assist in executing GRC methodologies and provide training/guidance to Procurement, Departments and Key Stakeholders;
  • Coordinate across the InfoSec team to evaluate the vendor’s security controls and identify associated risks;
  • Support the risk reporting and key metrics process;
  • Work with Contracts Administration/Procurement to support contractual reviews for new and existing vendors;
  • Support Client Compliance efforts, including assessment completion, webshare support, and coordination with clients and client stakeholders;
  • Contributes to the continuous improvement, including automation where possible, of all aspects of the GRC program;
  • Stay informed about the latest developments in the vendor risk management field and other GRC domains; and
  • Support various ad hoc projects across the GRC team (e.g., program enhancements, process improvements, and other functions).

What You'll Bring:

  • At least 3 years of experience in Third Party Risk Management and GRC or related fields;
  • Experience working with Big 4 consulting, financial or other heavily regulated industries;
  • Demonstrate integrity, accountability, respect and commitment to the Firm;
  • Demonstrate excellence in managing all functions of the job;
  • Apply the knowledge and skills required to perform at the highest level;
  • Demonstrate best practices in professional relationships; and
  • Focus on job execution and achieving results.
  • Strong understanding of the TPRM outsourcing lifecycle;
  • Elevated knowledge in the GRC domains of TPRM, Compliance and Risk Management;
  • Highly organized and detail oriented;
  • Proactive and able to work independently;
  • General knowledge of privacy and information security frameworks (e.g., NIST, ISO, etc.) and relevant regulatory requirements (e.g., GDPR, CCPA, etc.);
  • Expertise on GRC trends and research to address potential security exposures;
  • General understanding of GRC frameworks and principles;
  • Strong written and verbal communication skills; and
  • Knowledge of supplier resiliency requirements.

Job Tags

Similar Jobs

Lexuezhe Language Center

English teachers ( online or at school ) Job at Lexuezhe Language Center

Native English speaker with neutral accent Bachelors degree or above Must be a holder of TEFL/TESOL/CELTA or a valid State/provincial teaching license Minimum 1-year teaching experience in K-12 Wired, high speed and stable internet connection Punctual, responsible... 

GearUp2Success

Leadership & Success Mentor Job at GearUp2Success

 ...unlock significant income potential. Follow a proven 3-step system within a positive community, where you are the architect of your own success. Requirements Promote and distribute award-winning personal development products globally; Attend weekly live Zoom... 

Accor Hotels

Brand Marketing Manager Job at Accor Hotels

 ...ENNISMORE Company Description We are looking for a Brand Marketing Manager to join the newly formed Americas regional brand team at Ennismore, supporting our central brand and regional hotel & restaurant teams to execute global marketing projects. The Brand... 

US Defense Commissary Agency

Computer Assisted Ordering Technician Job at US Defense Commissary Agency

 ...Summary Serves as a Computer Assisted Ordering Technician in a commissary store at a Defense Commissary...  ...perpetual inventory balance on hand (BOH) levels which in turn determines optimum...  ...MUST include work hours for each job entry. Questionnaire. Preview at .... 

Coca-Cola Consolidated, Inc.

3rd Shift Part Time Automated Warehouse Material Handler Job at Coca-Cola Consolidated, Inc.

3rd Shift Part Time Automated Warehouse Material Handler Location Clayton, NC : Requisition ID: 221666 Posting Locations: Clayton Pay Range: $13.84 - $16.83, depending on experience Rate Frequency: Hourly Our Secret Ingredient is our Teammates. We offer great...