GRC Analyst/Technology Risk Analyst/GRC Specialist-REMOTE

Job Summary:

We are seeking a GRC / Vendor Risk Generalist to support Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) activities. The ideal candidate will have experience conducting vendor risk assessments, reviewing security and compliance documentation, managing risk registers, and supporting audit and compliance initiatives.

Key Responsibilities:
• Perform vendor/third-party risk assessments and due diligence reviews.
• Review security questionnaires, SOC reports, and compliance documentation.
• Support GRC activities including risk assessments, control reviews, and compliance monitoring.
• Track risk remediation efforts and maintain risk registers.
• Collaborate with Security, Compliance, Legal, Procurement, and business teams.
• Assist with audit requests and regulatory compliance initiatives.

Requirements:
• 2+ years of experience in GRC, Vendor Risk, TPRM, IT Risk, Compliance, or Audit.
• Knowledge of frameworks such as NIST, ISO 27001, SOC 2, or CIS Controls.
• Experience reviewing vendor security controls and risk documentation.
• Strong analytical, communication, and stakeholder management skills.
• Experience with GRC tools (ServiceNow, Archer, OneTrust, LogicGate, etc.) is a plus.