To Apply for this Job Click Here

About the Team
The Governance, Risk, and Compliance (GRC) team is small but impactful, reporting directly to the Senior Director of Security. The team leverages platforms and automation to build efficiency and scale in areas such as vendor security reviews, compliance framework reporting, and controls documentation.

About the Role
This role will work closely with the current GRC Lead to mature vendor information security review processes. Responsibilities will include building new workflow automations, managing the library of existing vendor documentation, and partnering with Strategic Sourcing, Procurement, and Legal stakeholders to strengthen vendor security practices.

A typical day may begin with monitoring midstream onboarding reviews and updating stakeholders on their status, followed by collaborating on workflow integrations. Additional tasks may include reviewing existing vendors' documentation status or initiating new reviews during contract renewals (or working to automate that process). The ideal candidate will proactively improve daily processes and grow into new responsibilities over time, such as documenting controls compliance or supporting audit efforts.

Technical Skills

Must Have

A self-starter; comfortable operating in uncertain environments and working independently

Experience with technology vendor management, including cloud providers and other third-party vendors

Compliance and risk management expertise

Effective vendor management skills

The ability to communicate frequently in an inclusive, thoughtful, and kind manner

Nice to Have

Experience as a Cybersecurity Analyst

Knowledge of controls analysis and implementation

Audit documentation experience

Familiarity with controls compliance

Additional Details

Full-time: 40 hours per week

Duration: Through March 2026

Remote and hybrid eligible, within time zones between PST and EST

T1429524NYC_1758579002 To Apply for this Job Click Here