Montreal, QC, H2G 1V4, CAN
7 days ago
InfoSec GRC TPRM Specialist
Job Description

Insight Global is seeking a GRC Specialist to support our TPRM program, working closely with the Information Security GRC team to assess and monitor technology-related risks associated with external vendors.

Scope of Work:
- Perform risk assessments of third-party vendors.
- Review and analyze vendor responses to cybersecurity and risk questionnaires.
- Identify and report control gaps, focusing on SOx compliance risks.
- Conduct technology risk analysis, map mitigation action plans, and track risk closure.
- Assess and report on residual risk levels, ensuring documentation and escalation of high-risk findings.
- Assist in technology due diligence for new and existing vendors.
- Collaborate with internal teams (Procurement, Legal, Privacy, Architecture) to ensure vendor engagements align with policies, standards, and regulatory requirements.

We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to Human Resources Request Form (https://airtable.com/app21VjYyxLDIX0ez/shrOg4IQS1J6dRiMo). The EEOC "Know Your Rights" Poster is available here (https://www.eeoc.gov/sites/default/files/2023-06/22-088_EEOC_KnowYourRights6.12ScreenRdr.pdf). To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/.
Skills and Requirements

Required Qualifications:
- Experience in Technology TPRM and third-party risk assessments.
- Knowledge of cybersecurity and regulatory frameworks.
- Understanding of SOx IT General Controls (ITGCs) and compliance expectations.
- Experience in technology risk analysis, action plan mapping, and residual risk management.
- Practical experience with technology-related due diligence processes.
- Strong analytical, communication, and documentation skills.
- Ability to work independently and manage multiple priorities.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal employment opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment without regard to race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or the recruiting process, please send a request to HR@insightglobal.com.