Experienced Third Party Risk Management (TPRM) & Governance Compliance Professional – Remote Cybersecurity Role

• --

About arenaflex

Welcome to arenaflex, where innovation meets inspiration in the dynamic world of cybersecurity and digital protection. At arenaflex, we believe that safeguarding information and maintaining robust governance frameworks is more than just a business necessity—it's a cornerstone of trust in today's interconnected digital landscape. As a leading organization committed to excellence in cybersecurity governance, risk management, and compliance, we are dedicated to protecting our assets, stakeholders, and partners through cutting-edge security practices and meticulous regulatory adherence.

Our cybersecurity team comprises talented professionals who specialize in developing and implementing strategies that align organizational objectives with robust security measures. We navigate the complex terrain of cyber threats with precision, ensuring that our enterprise remains resilient, compliant, and ahead of emerging risks. At arenaflex, you will find an environment that values continuous learning, professional growth, and the opportunity to make a meaningful impact in the world of information security.

We are currently seeking a highly skilled and experienced Third Party Risk Management (TPRM) & Governance Compliance Professional to join our Cyber and Data Safety division. This is a remote position offering flexibility with both part-time and full-time arrangements, competitive compensation, and the chance to work with a globally recognized organization committed to excellence in cybersecurity governance.

Position Overview

As a Third Party Risk Management & Governance Compliance Professional at arenaflex, you will play a critical role in guiding and executing GRC-related activities to ensure the seamless operation of our cybersecurity programs. You will be responsible for managing our third-party/internal threat control software, overseeing internal safety compliance requirements, and implementing industry-leading regulations, tactics, and frameworks.

This position reports directly to the Manager of Governance, Threat and Compliance within our Cyber and Data Safety department. You will collaborate closely with business stakeholders, internal teams, and external partners to conduct comprehensive risk assessments, due diligence examinations, and ongoing monitoring activities.

Key Responsibilities

Third Party Risk Management (TPRM)

• Lead and support the implementation and management of our Third Party/Internal Risk Management software platform


• Execute arenaflex's global third-party/internal risk methodology for conducting cyber threat-related due diligence assessments


• Validate incoming third-party and internal risk assessment requests, working collaboratively with business stakeholders to confirm request details and engagement scope


• Conduct kick-off sessions with business stakeholders and relevant third parties to initiate thorough risk assessments


• Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties, reviewing submissions for completeness and identifying risks arising from the design and operational effectiveness of security controls


• Document responses, associated findings, and remediation plans within arenaflex's risk management systems


• Draft and review comprehensive assessment reports, ensuring appropriate business stakeholder review and finalization


• Serve as a strong liaison to address inquiries related to risk control methodologies and assessments for internal business units or third parties as required


• Perform continuous tracking of third-party relationships through arenaflex's systems for current and new findings, driving findings to timely closure


• Identify opportunities for improvement within arenaflex's systems and processes


• Work closely with Risk Lead/Supervisor to schedule and execute a range of supporting activities related to the risk management program

Governance, Threat, and Compliance

• Lead and support the development of cybersecurity risk and compliance-related strategies to ensure appropriate treatment of cybersecurity risks consistent with arenaflex's risk appetite


• Maintain and document compliance with information security-related guidelines and processes through systematic planning, testing, remediating, tracking, and reporting on control reviews and risk assessments


• Lead the development and delivery of compliance and risk education programs and ongoing communications that help foster a culture of security and compliance


• Stay current with regulatory changes, new guidelines, technology advancements, and internal policy modifications to proactively identify emerging risk areas


• Lead activities to maintain and guide ISO 27001 certification standards


• Support the implementation of industry best practices including ISO 2700x, SOC 2, SSAE 16/18 requirements

Essential Qualifications

Education

• Bachelor's or Master's degree from an accredited university in Information Security, Computer Science, Business Administration, or equivalent professional experience

Experience

• Minimum of 4 years of experience in Third Party Risk Management, Information Security, and Audit & Compliance Tracking


• At least 2-3 years of specific experience in TPRM or Internal Audit functions


• Preferred experience working with large enterprises and/or major consulting firms

Technical Knowledge & Competencies

• Strong working understanding of information security best practices and requirements including ISO 2700x, SOC 2, SSAE 16/18


• Proven experience in risk, controls, and compliance management


• Knowledge of risk assessment methodologies—both qualitative and quantitative approaches


• Exceptional analytical and problem-solving abilities


• Strong presentation and delivery capabilities

Professional Certifications (Preferred)

• CISA (Certified Information Systems Auditor)


• CRISC (Certified in Risk and Information Systems Control)


• ISO27001 Lead Implementer/Auditor


• CISSP (Certified Information Systems Security Professional)


• Experience in AI/ML security is considered a plus

Personal Attributes for Success

• Outstanding Stakeholder Management: Ability to build strong relationships with internal and external stakeholders, communicate effectively at all levels, and drive collaborative outcomes


• Adaptability: Ability to navigate fast-paced environments and demonstrate flexibility with working hours to meet evolving business needs


• Excellent Communication: Superior verbal and written communication skills with the ability to translate complex technical concepts for diverse audiences


• Change Agent: Ability to adapt quickly to changing conditions and drive quality improvement initiatives


• Interpersonal Skills: Strong interpersonal abilities with a collaborative approach to teamwork


• Problem-Solving Mindset: Proactive approach to identifying risks and developing practical mitigation strategies

Work Environment & Culture

At arenaflex, we pride ourselves on fostering a supportive, innovative, and inclusive work culture. As a remote team member, you will enjoy:

• Flexible work arrangements with both part-time and full-time options


• Comprehensive onboarding and ongoing professional development opportunities


• Access to cutting-edge tools and technologies for risk management


• Collaborative team environment with regular communication and support


• Exposure to diverse projects and cross-functional teams


• Mentorship from industry experts and leaders in cybersecurity


• Career advancement opportunities within our growing organization

Compensation & Benefits

We offer a competitive annual salary of $80,000 commensurate with experience and qualifications. In addition to base compensation, arenaflex provides a comprehensive benefits package including:

• Health, dental, and vision insurance coverage


• Retirement savings plans with company matching


• Paid time off and flexible scheduling


• Professional development reimbursement


• Technology stipend for home office setup


• Wellness programs and employee assistance resources

Career Growth Opportunities

Joining arenaflex means becoming part of an organization that invests in your professional growth. As you excel in your role, you will have access to advanced training programs, certification sponsorships, and clear pathways to senior leadership positions within the cybersecurity domain. We encourage continuous learning and provide platforms for you to expand your expertise in emerging areas such as AI/ML security, zero-trust architectures, and advanced threat intelligence.

How to Apply

If you are a dedicated professional with a passion for cybersecurity governance, risk management, and compliance, we invite you to join our team at arenaflex. This is an exceptional opportunity to contribute to a world-class security program while advancing your career in a supportive and innovative environment.

To apply for this position, please submit your resume and cover letter highlighting your relevant experience and qualifications. Our recruitment team will review applications and contact qualified candidates for further discussions.

arenaflex is an equal opportunity employer committed to diversity and inclusion. We welcome applications from all qualified individuals regardless of race, color, religion, gender, sexual orientation, national origin, age, disability, or any other protected characteristic.

Apply now and become part of a team that's shaping the future of cybersecurity governance! We look forward to welcoming you to arenaflex.