Haystack
← Back to Jobs
Other

GRC TPRM Assessment & Remediation SME

AspireIT SolutionsSunnyvale, CA🇺🇸United StatesPosted 15 Jul 2026

Quick Overview

Work Type
Hybrid
Level
Mid Senior

Job Description

Role: GRC TPRM Assessment & Remediation SME
Location: Sunnyvale, CA/Austin, TX (Hybrid)

Duration: 6 months contract

Job Description:
Must Have

  • 8+ years of experience in Third-Party Risk Management (TPRM) / Vendor Risk Management.
  • Hands-on experience conducting vendor/supplier security risk assessments (not just managing projects).
  • Strong knowledge of security frameworks:
    • SIG
    • CAIQ
    • NIST CSF
    • ISO 27001
    • SOC 2
  • Experience reviewing security evidence such as audit reports, certifications, penetration test reports, and questionnaires.
  • Expertise in managing Corrective Action Plans (CAPs) and driving remediation with vendors.
  • Experience coordinating with Security, Legal, Procurement, and Business teams.
  • Experience with GRC platforms such as OneTrust, SupplierNinja, or similar.
  • Experience with workflow/project tools like Wrike, Airtable, or similar.
  • Strong stakeholder communication, vendor management, and executive-level escalation experience.

Nice to Have

  • Experience supporting large enterprise or Fortune 500 TPRM programs.
  • Knowledge of cybersecurity governance and risk management processes.

Aspire IT Solutions is an equal opportunity employer.
All applicants must submit accurate information; misrepresentation may disqualify candidacy.
This role may require background checks/work authorization verification.
Rate/benefits are negotiable.
Aspire IT Solutions reserves the right to modify or withdraw this posting.

Skills

SOC 2
Background Checks
Procurement
Risk Management
Vendor Management

Similar jobs