Third Party Risk Management (TPRM) Specialist – Governance, Risk & Compliance Professional in Cybersecurity

Join arenaflex as a Third Party Risk Management (TPRM) Specialist

Are you ready to be at the forefront of cybersecurity governance and risk management? arenaflex is seeking an experienced and highly motivated Third Party Risk Management (TPRM) Specialist to join our dynamic Cybersecurity team. In this pivotal role, you will play a critical part in protecting our organization by guiding GRC-related activities and ensuring the clean, everyday execution of various cybersecurity tasks. This is a remote position offering competitive compensation and the flexibility of part-time or full-time work schedules.

At arenaflex, we believe that strong cybersecurity is the foundation of trust and innovation. Our Cybersecurity team consists of green cybersecurity specialists who formulate and implement techniques and recommendations to help the organization align with its commercial enterprise dreams while dealing with dangers correctly and meeting industry guidelines and standards. We work on cutting-edge technology and toward new innovations in the area of cybersecurity to bring peace of mind to our stakeholders.

Position Overview

We are looking for an experienced GRC professional in the field of cyber protection to guide GRC-related activities and make certain clean everyday execution of various tasks being performed inside the team. The task calls for assisting arenaflex's Third Party/Internal Threat Control Software alongside managing internal safety compliance necessities and implementation of regulations, tactics, and frameworks.

As a TPRM Specialist, you will be responsible for managing our third-party risk management program, conducting cyber risk due diligence assessments, and ensuring compliance with industry standards and regulations. This role reports to the Manager (Governance, Threat and Compliance), Cyber and Data Safety.

Key Responsibilities

Third Party Risk Management (TPRM)

• Manage and support arenaflex's Third Party/Internal Risk Management Software


• Assist in the development and implementation of arenaflex's Global Third-Party/Internal Risk Method for carrying out cyber danger related due diligence exams


• Validate incoming third-party/internal danger assessment requests, working with business stakeholders to confirm the details of the request and the scope of the engagement


• Conduct kick-off periods with business stakeholders and any related third parties for conducting the Third Party Assessments (TPA)


• Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties, review submitted questionnaires for completeness, and decide dangers arising from the contemporary design and operational effectiveness of internal/third parties' security controls


• Report responses, associated findings, and remediation plans in arenaflex systems


• Draft and review reports for the checks performed and make sure respective commercial enterprise stakeholders finalize critiques


• Serve as a strong liaison to ensure any queries are responded to concerning the risk control technique and evaluation to the business or third parties as required


• Carry out continuous tracking of third parties via arenaflex systems for current/new findings and music any findings to closure


• Recognize opportunities of improvement inside arenaflex systems and strategies


• Work intently with Risk Lead/Supervisor to schedule and execute a spread of different assisting activities related to the chance management program

Governance, Threat and Compliance

• Lead and help the improvement of cybersecurity hazard and compliance related strategies to ensure treatment of cybersecurity chance consistent with the agency's risk urge for food


• Maintain and document compliance towards information safety associated guidelines and processes through planning, checking out, remediating, tracking, and reporting on manipulate critiques and threat checks


• Lead development and shipping of compliance and danger education and ongoing communications that assist power tradition of protection and compliance


• Retain abreast of regulatory changes, new guidelines, technology, and internal policy modifications that will further pick out new key chance regions


• Lead the sports to preserve and guide ISO 27001 standards

Essential Qualifications

• Relevant Bachelor's/Master's Diploma from an accepted university or equivalent experience


• 4 Years of experience throughout Third-Party Risk Control, records security, and audit and compliance tracking (minimum of 2-3 years in TPRM/Internal Audit)


• Preferred experience with a massive enterprise and/or large accounting firm


• One or greater credentials - CISA, CRISC, ISO27001 Lead Implementer/Auditor, or CISSP


• Working understanding of information security related high-quality practices and requirements including ISO 2700x, SOC 2 necessities, SSAE 16/18 requirements, and others


• Experience in the control of hazard, controls, and compliance


• Expertise of hazard evaluation methodologies – Qualitative/Quantitative


• Experience in AI/ML is a plus

Skills and Competencies for Success

Technical Skills

• Outstanding stakeholder management capabilities


• Super analytical and problem-solving abilities


• Super presentation making and delivery abilities


• Strong understanding of information security frameworks and standards


• Proficiency in risk assessment methodologies

Personal Attributes

• Robust interpersonal abilities


• Ability to navigate rapid-paced surroundings and be flexible with working hours


• Fantastic communication abilities, both verbal and written


• Adapt quickly to changing conditions and power high-quality change


• Strong attention to detail and organizational skills


• Ability to work independently and as part of a team

Career Growth Opportunities

At arenaflex, we are committed to the professional development and growth of our employees. As a TPRM Specialist, you will have numerous opportunities to advance your career in cybersecurity governance, risk, and compliance. You will work alongside experienced professionals and gain exposure to cutting-edge cybersecurity technologies and methodologies.

Our organization supports continuous learning and professional development. You will have access to training programs, certifications, and workshops that will help you stay current with industry trends and enhance your skills. As you demonstrate success in your role, you will have the opportunity to take on additional responsibilities, lead projects, and progress into senior positions within the cybersecurity organization.

This role provides an excellent foundation for career advancement in areas such as:

• Chief Information Security Officer (CISO)


• Director of Governance, Risk & Compliance


• Senior Risk Manager


• Compliance Director


• Security Consultant

Work Environment and Culture

arenaflex offers a dynamic and inclusive work environment where innovation and collaboration are celebrated. Our Cybersecurity team is dedicated to protecting the organization while enabling business growth through effective risk management.

As a remote employee, you will enjoy the flexibility to work from anywhere while staying connected with your team through advanced collaboration tools. We believe in maintaining a healthy work-life balance and trust our employees to manage their time effectively.

Our culture is built on values of integrity, innovation, and excellence. We foster an environment where diverse perspectives are welcomed, and continuous improvement is embraced. You will be part of a team that is passionate about cybersecurity and committed to making a meaningful impact.

Compensation and Benefits

We offer a competitive annual salary of $80,000, commensurate with experience and qualifications. In addition to base compensation, arenaflex provides a comprehensive benefits package that includes:

• Health, dental, and vision insurance


• 401(k) retirement plan with company matching


• Paid time off and holidays


• Professional development opportunities


• Remote work flexibility


• Life and disability insurance


• Employee assistance program


• Wellness programs

Why Join arenaflex?

arenaflex is a leader in innovation and excellence. By joining our team, you will become part of an organization that values its employees and is committed to creating a positive impact. We offer a supportive environment where your skills and expertise will be valued and where you can make a real difference.

This is an excellent opportunity for professionals who are passionate about cybersecurity, risk management, and compliance. If you have the experience and attributes we are looking for, we encourage you to apply and take the next step in your career with arenaflex.

How to Apply

If you are ready to take on this exciting challenge and join a team of dedicated cybersecurity professionals, we want to hear from you! Please submit your resume and cover letter through our application portal. Be sure to highlight your relevant experience and qualifications.

arenaflex is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, or any other protected characteristic.

Join us at arenaflex and help shape the future of cybersecurity governance and risk management. Apply today!