
Cybersecurity Analyst, IT GRC
Aprio
full-time
Location Type: Remote
Location: United States
Salary
💰 $80,000 - $120,000 per year
About the role
- Execute end-to-end third-party and vendor risk assessments, including inherent risk scoring, due diligence reviews, and residual risk evaluation
- Review and analyze third-party artifacts such as SOC reports, ISO certifications, policies, procedures, and security questionnaires
- Identify control gaps, document risk issues, and track remediation activities with vendors and internal stakeholders
- Support onboarding of new vendors and periodic reassessments of existing third parties
- Maintain accurate third-party risk documentation in GRC or vendor risk management tools
- Develop, maintain, and enhance risk metrics, dashboards, and reporting for third-party risk
- Track key performance indicators (KPIs) and key risk indicators (KRIs) related to vendor risk, assessment cycle times, remediation status, and risk trends
- Prepare materials for leadership and executive-level reporting, translating risk data into clear, actionable insights
- Support audits, regulatory exams, and internal reviews related to third-party risk management
- Assist with additional GRC activities as needed, including policy management, risk assessments, control testing, and compliance initiatives
- Support alignment with recognized frameworks and standards (e.g., NIST CSF, ISO 27001, SOC, FFIEC, or similar)
- Participate in continuous improvement of GRC processes, templates, and methodologies
- Collaborate with cross-functional teams including Security, IT, Legal, Procurement, Privacy, and Business Owners
Requirements
- 2+ years of experience in Third-Party Risk Management, Vendor Risk Assessments, or GRC-related roles
- Demonstrated experience conducting or supporting third-party risk assessments
- Strong understanding of information security and risk management concepts
- Proven ability to produce clear reporting, metrics, and dashboards
- Strong analytical, organizational, and documentation skills
- Ability to learn quickly, adapt to changing priorities, and manage multiple assessments simultaneously
- Effective written and verbal communication skills
Benefits
- Medical, Dental, and Vision Insurance on the first day of employment
- Flexible Spending Account and Dependent Care Account
- 401k with Profit Sharing
- 9+ holidays and discretionary time off structure
- Parental Leave – coverage for both primary and secondary caregivers
- Tuition Assistance Program and CPA support program with cash incentive upon completion
- Discretionary incentive compensation based on firm, group and individual performance
- Incentive compensation related to origination of new client sales
- Top rated wellness program
- Flexible working environment including remote and hybrid options
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
third-party risk assessments, vendor risk assessments, risk scoring, due diligence reviews, risk metrics, dashboards, reporting, control testing, compliance initiatives, GRC
Soft Skills
analytical skills, organizational skills, documentation skills, communication skills, adaptability, collaboration, problem-solving, attention to detail, time management, leadership