Security Analyst/Third-Party Risk Management (TPRM) - remote PST

Security Analyst/Third-Party Risk Management (TPRM) - remote PST Remote in Long Beach, CA, US • Posted 3 hours ago • Updated 2 minutes ago Contract W2 On-site USD60 - USD70/hr Fitment Dice Job Match Score™ ⏳ Almost there, hang tight... Job Details Skills Cyber Security Continuous Improvement Artificial Intelligence Dashboard Reporting Management Risk Management Payment Card Industry Regulatory Compliance Information Security Lifecycle Management Workflow ServiceNow SAP GRC Onboarding System On A Chip

ISO/IEC 27001

2005 HIPAA Auditing Communication Stakeholder Management Leadership Collaboration Legal Procurement Summary Third-Party Risk Management (TPRM) Security Analyst Our client is seeking a sharp and driven TPRM Security Analyst to join their Information Security GRC team in a remote capacity. This is a high-impact contract role where you will play a critical part in protecting the organization by assessing vendor cybersecurity posture, managing compliance with key regulatory frameworks, and driving continuous improvement of the vendor risk program. If you thrive in a fast-paced environment, enjoy cross-functional collaboration, and bring deep expertise in third-party risk lifecycle management, this is an opportunity to make a meaningful difference. As part of our process after applying, you may receive an invitation from our AI Recruiter Avery for a short conversation that lets you share more about your background beyond your resume. For questions, contact .

Job Type:

6-month contract-to-hire

Location:

Remote -

PST Hours Required Compensation:

This job is expected to pay about $60-70/hr No Visa Sponsorship Available for this role

What You'll Do:

Conduct end-to-end vendor information security assessments, reviewing questionnaires (SIG, CAIQ, custom IRQs), evaluating evidence, assigning risk levels, and tracking remediations to closure. Administer and automate TPRM workflows within ServiceNow GRC, including vendor onboarding, risk scoring, dashboards, and executive reporting for the Vendor Risk Committee. Perform ongoing vendor monitoring, manage vendor records in the contract lifecycle system, and analyze emerging cyber threats to strengthen supplier risk management. Maintain the TPRM risk register and support preparation of materials for internal and external audits, including SOC 2, HITRUST, HIPAA, and PCI. Collaborate cross-functionally with Legal, Procurement, Compliance, and Business Units to embed security requirements into RFPs, contracts, and vendor onboarding processes. What Gets You the

Job:

5+ years in Information Security with 5+ years dedicated to TPRM or InfoSec GRC, including hands-on end-to-end vendor risk lifecycle management. Demonstrated experience administering and automating TPRM workflows in ServiceNow GRC, including risk scoring and vendor onboarding. Working knowledge of

NIST CSF, HITRUST CSF, SOC 2, ISO

27001, and HIPAA Security Rule, with an understanding of PHI/ePHI handling and BAA obligations. Experience with vendor security questionnaires (SIG, CAIQ) and evidence-based vendor audits, including

CVSS/CCSS

vulnerability scoring. Strong communication and stakeholder management skills with the ability to present risk findings to leadership and collaborate across legal, procurement, and clinical teams. Irvine Technology Corporation (ITC) connects top talent with exceptional opportunities in IT, Security, Engineering, and Design. From startups to Fortune 500s, we partner with leading companies nationwide. Our AI recruiter, Avery helps streamline the first step of your journey-so we can focus on what matters most: helping you grow. Join us. Let us ELEVATE your career! Employers have access to artificial intelligence language tools ("AI") that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.

Dice Id:

itcca

Position Id:

23220 Posted 3 hours ago