Senior Cybersecurity GRC
Quick Overview
Job Description
Job Title: Senior Cybersecurity GRC & Third Party Risk Consultant
Location: New York, NY (Onsite/Hybrid)
Duration: Long-Term Contract(W2)
Job Description
We are seeking an experienced Senior Cybersecurity GRC & Third Party Risk Consultant to support the implementation and enhancement of Third Party and Fourth Party Risk Management programs. The ideal candidate will have strong expertise in vendor risk management, information security governance, regulatory compliance, and Archer GRC solutions within the banking or financial services industry.
Key Responsibilities
Gather and define business requirements for Third Party and Fourth Party Risk Management initiatives.
Lead the implementation and alignment of SIG 2027 questionnaires, risk domains, and assessment frameworks.
Design and maintain risk taxonomy, risk assessment methodologies, and risk scoring models.
Configure and support RSA Archer TPRM workflows and related GRC processes.
Collaborate with business and technical teams to implement vendor risk workflows, questionnaires, and data models.
Support vendor onboarding, security due diligence, risk assessments, continuous monitoring, and remediation activities.
Ensure compliance with regulatory, governance, audit, and information security requirements.
Participate in User Acceptance Testing (UAT), data validation, issue resolution, and governance approvals.
Develop executive dashboards, KPIs, and risk analytics for vendor risk reporting.
Recommend improvements to Third Party Risk Management processes and governance practices.
Required Skills
10+ years of experience in Third Party Risk Management (TPRM), Vendor Risk Management (VRM), Information Security Risk, or Governance, Risk & Compliance (GRC).
Strong expertise in Third Party and Fourth Party Risk Management frameworks and operating models.
Deep understanding of SIG (Standardized Information Gathering) questionnaires, including SIG 2027.
Experience defining risk taxonomy, risk assessment methodologies, and risk scoring models.
Hands-on experience with RSA Archer TPRM or similar GRC platforms.
Strong knowledge of the vendor lifecycle, including onboarding, due diligence, continuous monitoring, and offboarding.
Experience working with cybersecurity governance, regulatory compliance, and audit frameworks.
Excellent communication, stakeholder management, and documentation skills.
Skills
Similar jobs
Systems Engineer 2 with Security Clearance
Northrop Grumman · Oklahoma City, United States
9 minutes ago$75.1k - $112.7k/yrAssociate or Mid-level Ground Systems Engineer for MILSATCOM Pro with Security Clearance
Boeing · El Segundo, United States
21 minutes ago$98.6k - $133.4k/yrSr. AWS Cloud and Platform Engineer
Sallie Mae Bank · Indianapolis, United States
21 minutes agoMission Systems Engineering Manager with Security Clearance
Boeing · Tukwila, United States
21 minutes ago$158.1k - $246.1k/yrDevOps / Middleware Engineer
BCforward · Charlotte, United States
21 minutes ago€67/hrService Management System Engineer
SAIC · Washington, United States
21 minutes ago$120.0k - $160k/yr