This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more.

Role Description

As part of ongoing programmatic service offerings to a strategic client, SysLogic is seeking to add a Third-Party Risk & Governance, Risk, and Compliance (GRC) Analyst to join our growing Information Security team. This role will be pivotal in strengthening the organization’s third-party risk management program while ensuring overall compliance with regulatory and industry standards. The ideal candidate will be detail-oriented, highly organized, and a strong communicator with experience assessing vendor security risk, third-party compliance activities, and participating in the enhancement of the GRC processes.

The successful candidate will have a proven track record in conducting vendor security assessments, providing third-party analysis, and supporting compliance efforts aligned with HITRUST, SOC 2, GDPR, HIST, and ISO/IEC 27001. Experience leveraging tools such as ServiceNow for risk tracking and documentation is highly desired.

• Analyze Third-Party Risk Management (TPRM) Assessments:
  • Execute the third-party risk assessments which may include vendor onboarding, due diligence, risk assessments, remediation, and ongoing monitoring.
  • Collaborate with internal stakeholders and senior security professionals to ensure vendor contracts align with security and compliance requirements.
• Conduct Vendor Security Assessments:
  • Evaluate vendor controls against frameworks such as HITRUST, SOC 2, ISO 27001, and GDPR.
• Perform GRC Activities:
  • Support internal and external audits involving third-party risk components and regulatory frameworks.
  • Maintain alignment with industry standards and evolving regulations impacting vendor risk and compliance.
• Enhance GRC Technology & Reporting:
  • Utilize platforms such as ServiceNow GRC to track vendor risk assessments, issues, and remediation plans.
  • Partner with team to improve assessment processes and reporting.
• Risk Analysis & Reporting:
  • Provide regular dashboards and reports summarizing vendor risk posture, compliance gaps, and remediation progress.

Qualifications

• Bachelor’s degree in Information Security, Risk Management, Computer Science, or related field.
• 3+ years of experience in third-party risk management, GRC, or cybersecurity compliance.
• Demonstrated experience conducting vendor risk assessments and managing third-party compliance programs.
• Strong understanding of security and privacy frameworks: NIST, ISO, HITRUST, SOC 2, GDPR.
• Experience with ServiceNow GRC or similar platforms for vendor risk workflows.
• Excellent written and verbal communication skills for both technical and non-technical audiences.
• Strong organizational skills with the ability to manage multiple vendor risk assessments simultaneously.

Benefits

• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA)
• Life Insurance (Basic, Voluntary & AD&D)
• Work From Home availability