Summary: We are seeking a GRC / Vendor Risk Generalist to support Governance, Risk & Compliance (GRC) and Third-Party Risk Management (TPRM) activities. The ideal candidate will have experience conducting vendor risk assessments, reviewing security and compliance documentation, managing risk registers, and supporting audit and compliance initiatives.
Key Responsibilities:
- Perform vendor/third-party risk assessments and due diligence reviews.
- Review security questionnaires, SOC reports, and compliance documentation.
- Support GRC activities including risk assessments, control reviews, and compliance monitoring.
- Track risk remediation efforts and maintain risk registers.
- Collaborate with Security, Compliance, Legal, Procurement, and business teams.
- Assist with audit requests and regulatory compliance initiatives.
Key Skills:
- 2+ years of experience in GRC, Vendor Risk, TPRM, IT Risk, Compliance, or Audit.
- Knowledge of frameworks such as NIST, ISO 27001, SOC 2, or CIS Controls.
- Experience reviewing vendor security controls and risk documentation.
- Strong analytical, communication, and stakeholder management skills.
- Experience with GRC tools (ServiceNow, Archer, OneTrust, LogicGate, etc.) is a plus.
Salary (Rate): £56.00 hourly
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: IT