GRC (Vendor Risk Managem… Position Available In Fulton, Georgia
Tallo's Job Summary: The GRC (Vendor Risk Management) Engineer position in Atlanta, GA requires 8-10 years of experience, with a salary range of $100,000-$120,000 a year. Preferred qualifications include a Bachelor's Degree or relevant experience in computer science, industry certifications, and knowledge of industry standard frameworks. Responsibilities include proactively identifying, analyzing, and remediating information security and technology risks throughout the third-party lifecycle.
Job Description
GRC (Vendor Risk Management) Engineer
Atlanta, GA | 8 – 10 years of experience
25-Jun-2025
Preferred Qualifications & Skills:
Bachelor’s Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security
Key industry certifications such as CISA, CISM, CISSP, CRISC, etc.
Knowledge of industry standard frameworks such as NIST Cybersecurity Framework, ISO 27001, NIST 800-30, etc.
Familiarity with third party information security attestations/certifications such as SOC I/II reports, ISO, PCI-DSS, SOX.
Comprehensive knowledge of third-party risk concepts, methodologies, governance structures and experience in managing risk and performing vendor risk assessments
Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics
Experience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of business
Experience with RSA Archer
Roles & Responsibilities
Proactively identify, analyze, and remediate information security and technology risks throughout the third-party lifecycle (planning, due diligence, contract adherence, transition, continuous monitoring, and offboarding). You’ll also have the opportunity to partner with IT Portfolios (Infrastructure and Reliability, Architecture, Channels Technology), key functional partners (Legal, Privacy, Corporate Audit) and external assessors.
Participate in vendor risk management activities including but not limited to third party risk assessments, gap analysis, contract review, vendor breach and termination activities, and partner with internal stakeholders to monitor vendors.
Perform data analytics and create meaningful reports to effectively communicate outcomes from vendor management activities and relate security, compliance, and/or governance-related concepts and controls across a variety of audiences, including non-technical audiences.
Identify and communicate findings of non-compliance with Information Security Standards and track them to remediation or to an acceptable level of risk.
Continuously work to improve the overall Vendor Risk Management Program by identifying opportunities and leading implementation activities.
Provide guidance to the business, Strategic Sourcing and other stakeholders to ensure requirements of VRM are fully understood.
Serve as the subject matter expert in interpreting requirements and improve awareness of the operational risks the business faces from a vendor’s failure or poor performance.
Stay informed about the latest developments in the vendor risk management field.
Salary Range: $100,000-$120,000 a year
Location: Atlanta, GA
Job Function: TECHNOLOGY
Role: Senior Security Engineer
Job Id: 359583
Desired Skills: Cyber Security