Join arenaflex as a Governance, Risk & Compliance (GRC) Cybersecurity Specialist

Are you ready to take your career to the next level in one of the most dynamic and critical fields in technology today? arenaflex is seeking an experienced Governance, Risk & Compliance (GRC) Professional to join our Cybersecurity team and help shape the future of enterprise security from anywhere in the world. This is a fully remote opportunity that offers the flexibility of part-time or full-time work while earning a competitive annual salary of $80,000.

At arenaflex, we believe that exceptional talent deserves exceptional opportunities. As a GRC Cybersecurity Specialist, you will play a pivotal role in protecting our organization from evolving cyber threats while ensuring compliance with industry-leading standards and regulations. This isn't just a job—it's a chance to make a meaningful impact, grow your expertise, and be part of a team that values innovation, integrity, and excellence.

About the Cybersecurity Team at arenaflex

Our Cybersecurity team at arenaflex consists of passionate and skilled professionals who are dedicated to formulating and implementing strategies that protect the organization from cyber threats while supporting our business objectives. We don't just respond to risks—we anticipate them. Our team works tirelessly to ensure that every layer of our security infrastructure aligns with industry best practices, regulatory requirements, and our commitment to excellence.

As a member of our team, you will contribute to cutting-edge initiatives that combine technology with forward-thinking security approaches. We embrace new innovations and are constantly exploring emerging trends in cybersecurity to stay ahead of sophisticated threat actors. Your work will directly impact our ability to deliver safe, reliable, and secure solutions to our clients worldwide.

Position Overview

We are looking for an experienced GRC professional with a strong background in Third Party Risk Management (TPRM), internal controls, and cybersecurity compliance. In this role, you will be responsible for managing our third-party and internal risk assessment programs, ensuring robust execution of risk-related activities, and maintaining compliance with various security frameworks and standards.

You will serve as a key liaison between business stakeholders and third parties, conducting due diligence assessments, analyzing security controls, and developing remediation plans for identified risks. This position reports directly to the Manager of Governance, Threat and Compliance within our Cyber and Data Safety division.

Key Responsibilities

Third Party Risk Management (TPRM)

Lead and support the implementation of arenaflex's Third Party/Internal Risk Management software and processes

Conduct cyber risk-related due diligence assessments for third-party vendors and internal business units

Validate incoming third-party and internal risk assessment requests, collaborating with business stakeholders to confirm request details and engagement scope

Organize and facilitate kick-off meetings with business stakeholders and relevant third parties for conducting thorough risk assessments

Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties, reviewing submissions for completeness

Analyze questionnaire responses and identify risks arising from the design and operational effectiveness of third party's internal security controls

Document responses, associated findings, and remediation plans in arenaflex's risk management systems

Draft and review comprehensive assessment reports, ensuring business stakeholders provide timely feedback and final approvals

Serve as a primary liaison to address queries related to risk control techniques and assessments for business units and third parties

Perform continuous monitoring of third parties through arenaflex systems, tracking current and new findings through to closure

Identify opportunities for improvement within arenaflex's systems and processes

Collaborate closely with Risk Leads and Supervisors to schedule and execute various activities supporting the risk management program

Governance, Threat and Compliance

Lead and support the development of cybersecurity risk and compliance-related strategies to ensure appropriate treatment of cybersecurity risks aligned with arenaflex's risk appetite

Maintain and document compliance with information security-related guidelines and processes through systematic planning, testing, remediating, tracking, and reporting on control reviews and risk assessments

Lead the development and delivery of compliance and risk education programs, fostering a culture of security awareness and compliance throughout the organization

Stay current with regulatory changes, new guidelines, technological advancements, and internal policy modifications to identify emerging risk areas

Lead initiatives to maintain and guide arenaflex's ISO 27001 certification, ensuring ongoing compliance with international information security standards

Required Qualifications & Experience

Education: Bachelor's or Master's degree from an accredited university in Information Security, Computer Science, Business Administration, or a related field. Equivalent professional experience will also be considered.

Experience: Minimum of 4 years of experience in Third Party Risk Management, Information Security, and Audit & Compliance Tracking, with at least 2-3 years specifically in TPRM or Internal Audit roles

Preferred Background: Experience working with large enterprises and/or Big Four accounting firms is highly desirable

Certifications (Preferred): One or more of the following: CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO27001 Lead Implementer/Auditor, or CISSP (Certified Information Systems Security Professional)

Technical Skills: Familiarity with AI/ML technologies in security contexts is a plus

Essential Skills & Competencies

Stakeholder Management: Outstanding ability to manage relationships with internal and external stakeholders at all levels

Working understanding of information security best practices and requirements, including ISO 27001, SOC 2, SSAE 16/18, and other relevant standards

Experience in the management of risk, controls, and compliance programs

Knowledge of risk assessment methodologies—both qualitative and quantitative approaches

Strong analytical and problem-solving abilities with attention to detail

Excellent presentation and delivery skills

Exceptional communication skills, both verbal and written

Ability to navigate fast-paced environments and remain flexible with working hours

Quick adaptation to changing conditions and ability to drive quality outcomes

Strong interpersonal skills with the ability to collaborate effectively across teams

Why Join arenaflex?

At arenaflex, we understand that our greatest asset is our people. That's why we are committed to creating an environment where you can thrive both professionally and personally. Here are just a few reasons why you should consider joining our team:

Career Growth & Development

We invest heavily in the growth of our employees. As part of our team, you will have access to continuous learning opportunities, including training programs, certifications, and professional development resources. Whether you're looking to deepen your expertise in GRC, specialize in a particular framework, or explore leadership roles, arenaflex supports your career journey every step of the way.

Competitive Compensation & Benefits

We offer a competitive annual salary of $80,000, along with a comprehensive benefits package that includes health insurance, retirement plans, paid time off, and various wellness programs. Our remote work flexibility allows you to maintain a healthy work-life balance while contributing to our mission of excellence in cybersecurity.

Innovative Work Environment

Join a team that values innovation and forward thinking. At arenaflex, you'll work on challenging projects that push the boundaries of what's possible in cybersecurity. We encourage creative problem-solving and welcome new ideas that enhance our security posture.

Collaborative Culture

We believe that the best results come from collaboration. Our team culture emphasizes teamwork, open communication, and mutual respect. You'll work alongside talented professionals who are passionate about cybersecurity and committed to protecting the organization.

Remote Work Flexibility

Enjoy the freedom to work from anywhere. Our remote-first approach means you can design your workspace to suit your preferences while staying connected with your team through modern collaboration tools and technologies.

How to Apply

If you're ready to take the next step in your career and join a team that values excellence, innovation, and integrity, we encourage you to apply today. Simply click the link below to submit your application.

At arenaflex, we are committed to fostering an inclusive workplace where diverse perspectives are celebrated. We welcome candidates from all backgrounds and experiences to apply.

We look forward to potentially welcoming you to the arenaflex family!

Experienced Third Party Risk Management (TPRM) Professional – Governance, Risk & Compliance Cybersecurity Specialist (Remote)