3rd Party Governance, Risk and Compliance (GRC) Analyst (Law Firm Exp) Job at SourcePro Search, LLC, Los Angeles, CA

MWZaQUhNZGlLeVdoQS80cy9JUjZYNFZxalE9PQ==
  • SourcePro Search, LLC
  • Los Angeles, CA

Job Description

SourcePro Search is conducting a search for an experienced Third Party Governance, Risk and Compliance (GRC) Analyst with a minimum of three years’ experience and a background in working with Big 4 consulting firms, financial institutions, or other highly regulated industries.

The ideal candidate will join the InfoSec team to assist in executing the Third Party GRC function, which includes Third Party Risk Management (TPRM), Client Compliance and IT Risk Management. This includes facilitating activities across the GRC lifecycle to identify and address risks related to TPRM, Client Compliance, IT Risk, and proven ability to support due diligence, ongoing risk assessments and monitoring across functional areas. The Third Party Governance, Risk and Compliance (GRC) Analyst will be responsible for coordinating GRC efforts, including the review of cybersecurity controls of third-party vendors and vendor hardware, software, and services in alignment with the organization’s current IT risk management standards.

What You'll Do:

  • Work closely with the TPRM Manager in the key phases of the Third-Party Risk Management lifecycles from pre-onboarding to off boarding of vendor relationships;
  • Assist in facilitating third party risk assessments for initial due diligence and ongoing evaluation of third-party vendor services to identify potential privacy and security related risks;
  • Request, review and track vendor due diligence documents utilizing MS Excel and/or Confluence, including vendor follow up and due diligence analysis;
  • Manage distribution and assist in the review of required vendor cyber risk documents, such as third-party risk assessment questionnaires (e.g., SIG), audited reports of controls (i.e., SSAE18, SOC2 Type II, etc.), vendor security policies and other information to support the identification and evaluation of potential outsourcing risks;
  • Demonstrate a general understanding of industry standards (such as NIST CSF) and the regulatory landscape (such as GDPR) to assist in providing comprehensive assessments across the GRC domains;
  • Work with third parties and internal stakeholders to identify, track and report identified issues and risk remediation efforts;
  • Assist in executing GRC methodologies and provide training/guidance to Procurement, Departments and Key Stakeholders;
  • Coordinate across the InfoSec team to evaluate the vendor’s security controls and identify associated risks;
  • Support the risk reporting and key metrics process;
  • Work with Contracts Administration/Procurement to support contractual reviews for new and existing vendors;
  • Support Client Compliance efforts, including assessment completion, webshare support, and coordination with clients and client stakeholders;
  • Contributes to the continuous improvement, including automation where possible, of all aspects of the GRC program;
  • Stay informed about the latest developments in the vendor risk management field and other GRC domains; and
  • Support various ad hoc projects across the GRC team (e.g., program enhancements, process improvements, and other functions).

What You'll Bring:

  • At least 3 years of experience in Third Party Risk Management and GRC or related fields;
  • Experience working with Big 4 consulting, financial or other heavily regulated industries;
  • Demonstrate integrity, accountability, respect and commitment to the Firm;
  • Demonstrate excellence in managing all functions of the job;
  • Apply the knowledge and skills required to perform at the highest level;
  • Demonstrate best practices in professional relationships; and
  • Focus on job execution and achieving results.
  • Strong understanding of the TPRM outsourcing lifecycle;
  • Elevated knowledge in the GRC domains of TPRM, Compliance and Risk Management;
  • Highly organized and detail oriented;
  • Proactive and able to work independently;
  • General knowledge of privacy and information security frameworks (e.g., NIST, ISO, etc.) and relevant regulatory requirements (e.g., GDPR, CCPA, etc.);
  • Expertise on GRC trends and research to address potential security exposures;
  • General understanding of GRC frameworks and principles;
  • Strong written and verbal communication skills; and
  • Knowledge of supplier resiliency requirements.

Job Tags

Similar Jobs

T. Parker Host

Foreman Job at T. Parker Host

 ...equivalent Valid TWIC and Drivers License required Previous experience in cargo handling and operating heavy machinery Ship or barge loading and unloading experience preferred Working knowledge of health and safety procedures Good interpersonal and... 

Express Employment Professionals - Rochester Hills

TIG Welder / Fabricator Job at Express Employment Professionals - Rochester Hills

 ...A well-established fabrication shop in Clinton Township is hiring a skilled TIG Welder/ Fabricator to support custom stainless projects. This is a direct hire, full-time role paying $22$28/hr, depending on experience, with steady weekday hours and overtime available.... 

ChaseSource

Investment Analyst Intern Job at ChaseSource

 ...future retirement benefits are funded by investment returns from the ERS Trust, which...  ...across six main asset classes: Public Equity, Private Equity, Fixed Income, Real Estate, Hedge...  ...asset classes. Learning Objective: Intern will learn about the Trust and asset class... 

Lee Health

Orthopedic Surgeon Job at Lee Health

 ...elite group of only 10 organizations nationwide to receive this honor. Lee Health is seeking a Podiatrist to join our busy Orthopedic practice! Lee Health is a nonprofit organization with more than 17,000 employees, 4,500 volunteers, and more than 1,300 employed... 

Kirby Inland Marine LP

Barge Cleaner Job at Kirby Inland Marine LP

 ...Overview Cleaning facility PIC performs the tasks associated with ensuring a barge is safe for entry by testing the atmosphere. Once the barge is tested safe by a licensed industrial hygienist the helper will then perform the duties required to strip and clean the barge...