Experienced GRC Professional for Cyber Protection – Third Party Risk Management & Compliance Specialist at blithequark

Join the blithequark Team as a Remote GRC Professional and Shape the Future of Cyber Protection blithequark is at the forefront of innovation, and we're seeking a highly skilled and experienced GRC (Governance, Risk, and Compliance) Professional to join our dynamic Cybersecurity Crew. As a Third Party Risk Management & Compliance Specialist, you will play a critical role in guiding GRC-related activities and ensuring the seamless execution of various tasks within our team. About the blithequark Cybersecurity Crew Our Cybersecurity Crew is comprised of talented professionals who develop and implement strategies to help blithequark align with its business objectives while effectively managing risks and meeting industry standards. We stay ahead of the curve by leveraging cutting-edge technology and driving new innovations in the field of cybersecurity. Key Responsibilities • Assist in the management of blithequark's Third Party Risk Management (TPRM) program, ensuring the effective execution of cyber risk-related due diligence assessments. • Validate incoming third-party risk assessment requests, working closely with business stakeholders to confirm the details and scope of the engagement. • Conduct kick-off meetings with business stakeholders and relevant third parties to initiate the TPRM process. • Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties, reviewing submitted questionnaires for completeness and identifying potential risks. • Document responses, associated findings, and remediation plans in blithequark's systems. • Draft and review reports for the assessments performed, ensuring that respective business stakeholders finalize reviews. • Serve as a strong liaison to address any queries related to the risk management process and assessment. • Perform ongoing monitoring of third parties via blithequark's systems, tracking findings to closure. • Identify opportunities for improvement within blithequark's systems and processes. • Collaborate closely with the Risk Lead/Manager to schedule and execute various supporting activities related to the risk management program. Governance, Risk, and Compliance • Lead and support the development of cybersecurity risk and compliance-related strategies to ensure the treatment of cybersecurity risk consistent with blithequark's risk appetite. • Maintain and document compliance with information security-related guidelines and processes through planning, testing, remediating, tracking, and reporting on control reviews and risk assessments. • Lead the development and delivery of compliance and risk education and ongoing communications that support a culture of security and compliance. • Stay abreast of regulatory changes, new guidelines, technology, and internal policy modifications to identify new key risk areas. • Lead efforts to maintain and support the ISO 27001 standard. Essential Competencies and Attributes for Success • Outstanding stakeholder management skills. • Working knowledge of information security-related best practices and standards, including ISO 2700x, SOC 2 requirements, SSAE 16/18 standards, and others. • Experience in the management of risk, controls, and compliance. • Knowledge of risk assessment methodologies - qualitative/quantitative. • Excellent analytical and problem-solving abilities. • Superb presentation making and delivery skills. Personal Attributes • Strong interpersonal skills. • Ability to navigate a fast-paced environment and be flexible with working hours. • Excellent communication skills, both verbal and written. • Adaptability to changing conditions and the ability to drive positive change. Preferred Qualifications and Experience • Relevant Bachelor's/Master's degree from an accredited university or equivalent experience. • 4 years of experience in third-party risk management, information security, and audit & compliance tracking (minimum of 2-3 years in TPRM/internal audit). • Preferred experience with a large company and/or Big Four accounting firm. • One or more credentials - CISA, CRISC, ISO27001 L/LI, CISSP. • Experience in AI/ML is a plus. Career Growth Opportunities and Learning Benefits At blithequark, we offer a dynamic and supportive work environment that fosters growth and development. As a GRC Professional, you will have the opportunity to work on complex and challenging projects, developing your skills and expertise in the field of cybersecurity. Our team is committed to staying ahead of the curve, and we encourage our professionals to do the same. Work Environment and Company Culture blithequark is a remote-friendly organization that values flexibility and work-life balance. Our culture is built on a foundation of innovation, collaboration, and teamwork. We prioritize the well-being and satisfaction of our employees, providing a supportive and inclusive work environment. Compensation, Perks, and Benefits We offer a competitive salary of $80,000 per year, along with a comprehensive benefits package that includes opportunities for professional growth and development. Our benefits include. Why Join blithequark? blithequark is an exciting and dynamic organization that offers a unique opportunity to shape the future of cyber protection. As a GRC Professional, you will play a critical role in guiding GRC-related activities and ensuring the seamless execution of various tasks within our team. If you're a motivated and experienced professional looking for a challenging and rewarding role, we encourage you to apply. To apply for this exciting opportunity, please through our website. We look forward to hearing from you! For more information about blithequark and our current job openings, please visit our website. Apply tot his job Apply tot his job