InfoSec GRC TPRM Specialist

Post Date

Jul 11, 2025

Location

Montreal, Quebec

ZIP/Postal Code

H2Z2B9
Canada
Sep 14, 2025 Insight Global

Job Type

Contract

Category

Programmer / Developer

Req #

TOR-793641

Pay Rate

$48 - $60 (hourly estimate)

Who Can Apply

  • Candidates must be legally authorized to work in Canada

Job Description

Insight Global is seeking a GRC Specialist to support our TPRM program, working closely with the Information Security GRC team to assess and monitor technology-related risks associated with external vendors.

Scope of Work:

  • Perform risk assessments of third-party vendors.
  • Review and analyze vendor responses to cybersecurity and risk questionnaires.
  • Identify and report control gaps, focusing on SOx compliance risks.
  • Conduct technology risk analysis, map mitigation action plans, and track risk closure.
  • Assess and report on residual risk levels, ensuring documentation and escalation of high-risk findings.
  • Assist in technology due diligence for new and existing vendors.
  • Collaborate with internal teams (Procurement, Legal, Privacy, Architecture) to ensure vendor engagements align with policies, standards, and regulatory requirements.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form. The EEOC "Know Your Rights" Poster is available here.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Required Skills & Experience

Required Qualifications:

  • Experience in Technology TPRM and third-party risk assessments.
  • Knowledge of cybersecurity and regulatory frameworks.
  • Understanding of SOx IT General Controls (ITGCs) and compliance expectations.
  • Experience in technology risk analysis, action plan mapping, and residual risk management.
  • Practical experience with technology-related due diligence processes.
  • Strong analytical, communication, and documentation skills.
  • Ability to work independently and manage multiple priorities.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.