GRC TPRM Assessment and Remediation SME


TechClub Inc.
Dice Job Match Score™
👤 Reviewing your profile...
Job Details
Skills
- GRC
- Third-Party
- Risk
- Management
- Assessment
- Remediation
Summary
Role: GRC TPRM Assessment and Remediation SME
Location: Austin, TX/ Cupertino, CA
(100% onsite Role Only)
Job Description:
**Must have LinkedIn id of Candidate**
"We are seeking an experienced Third-Party Risk Management (TPRM) Assessment and Remediation Subject Matter Expert to manage the end-to-end lifecycle of supplier/vendor cybersecurity risk assessments and remediation — from inventory governance through assessment coordination, escalation management, and executive reporting — in a fully remote, client-facing environment.
This role serves as the process authority for vendor risk assessments, findings management, and cross-functional remediation, requiring precise, proactive communication to maintain trust with high-visibility stakeholders.
Key Responsibilities
1. Supplier Inventory Management
• Maintain the Supplier Inventory (GRC platform, e.g., SupplierNinja) as the single source of truth for assessment status.
• Tier/filter suppliers requiring reassessment vs. new assessment per program criteria.
• Maintain accurate Direct Responsible Individual (DRI) records in the GRC tool (e.g., OneTrust).
2. Assessment Execution
• Evaluate suppliers against standard frameworks (SIG, CAIQ, NIST CSF, ISO 27001, SOC 2) and validate evidence (audit reports, certifications, pen test results).
• Confirm DRI ownership and obtain kick-off acknowledgement before initiating assessments.
• Log and track assessment tasks in a workflow tool (e.g., Wrike), including acknowledgement evidence.
• Confirm onsite-assessed suppliers have current-year coverage (e.g., in AirTable). •
Participate in recurring findings-review meetings (e.g., CSFA), advising on policy and evidence standards.
3. Remediation Management
• Own Corrective Action Plans (CAPs) end-to-end: define SLAs, track progress, drive closure with vendors and business owners.
• Coordinate with Legal, Procurement, and InfoSec on remediation timelines and compensating controls.
4. Stakeholder Communication & Escalation
• Run a structured outreach cadence with DRIs (kick-off → 3 follow-ups → 3 escalations to management).
• Track response/non-response rates for every outreach cycle.
• Escalate unresolved/high-risk findings to client leadership and track to closure. 5. Weekly Reporting
• Deliver a standing weekly metrics report to leadership: outreach volume, response rates, follow-up/escalation status, suppliers approved for (re)assessment, and overall assessment/remediation coverage.
Required Qualifications
• 5+ years in cybersecurity, TPRM, GRC operations, or supplier risk coordination.
• Working knowledge of NIST CSF, ISO 27001, SOC 2, SIG/CAIQ.
• Hands-on experience with GRC/TPRM tools (OneTrust, Archer, ServiceNow GRC, SupplierNinja, or similar).
• Proven ownership of high-volume, multi-step communication workflows with strict tracking/documentation.
• Excellent written communication for remote, client-facing engagement.
• Experience operating in distributed/remote teams. Preferred Qualifications
• Certification: CTPRP, CRISC, CISA, or CISSP.
• Experience with Wrike, AirTable, Jira, or similar tracking tools.
• Prior experience in regulated industries (financial services, healthcare, insurance).
• Track record producing leadership-facing weekly reporting.
- Dice Id: 90979514
- Position Id: 9020665
- Posted 10 hours ago
Company Info
TechClub Inc. renders avant-garde IT solutions to corporations. We provide exhaustive managed IT services that make us the perfect technology partners for our customers. TechClub Inc. is committed to designing critical information and maintaining a professional standard. We use cutting-edge digital approaches and maintain an open mindset to constantly innovate. Our objective is to guarantee customer satisfaction with our services. We are committed to providing post-implementation support and delivering expert IT solutions to over 50+ customers worldwide to improve and optimize operations.
TechClub Inc. was founded in 2014 and is based in Lincolnshire. We are a Google partner company, offering cost-effective, innovative, and sustainable web solutions with the slogan: “Imagination, Meets Implementation”. Our focused working strategy has made a considerable impact in the industry.
Mission
Our uncompromised, technology-agnostic guidance and implementation services are always delivered by senior IT leaders; we never razzle-dazzle and we never leave you with a solution we wouldn’t gladly support for the long run. Our commitment to customer results is unpaired in the industry – delivering unique attention and value to every client, every minute.
Vision
Our vision is to be a top player in the global market by accentuating constant innovation and delivering cost-efficient and typical IT solutions to our clients through technology leadership, creativity, and a devoted workforce.

Similar Jobs
It looks like there aren't any Similar Jobs for this job yet.
Search all similar jobs