Sr. Cyber Governance, Risk & Compliance Analyst

Primary Responsibilities:

• Lead the Third-Party Risk Management program, executing full lifecycle assessments and due diligence.
• Review security artifacts like SOC 2 and penetration tests, and manage issue remediation.
• Assess emerging risks including AI and cloud integrations, developing standards and reporting.

Supporting Duties:

• Assist with privacy operations including Data Subject Requests and impact assessments.
• Contribute to cyber GRC activities, risk tracking, and framework implementation.
• Enable security operations, incident response, and awareness training as needed.

Business Partnership:

• Serve as a trusted risk advisor to stakeholders, reducing operational burden.
• Partner with Legal, Procurement, and Technology teams to deliver risk-informed solutions.
• Escalate material risks early and frame issues in clear business terms for decision-making.