Apply for this opportunity

This job application is on an outside website. Be sure to review the job posting there to verify it's the same.

Apply Offsite

Security Analyst/Third-Party Risk Management (TPRM) - remote PST

Job

Irvine Technology Corporation (ITC)

Remote

$135,200 Salary, Full-Time

Posted 3 weeks ago (Updated 3 weeks ago) • Actively hiring

Expires 6/14/2026

See Job Scorecard

Review key factors to help you decide if the role fits your goals.

How is this calculated?

Pay Growth

out of 5

Not enough data

Not enough info to score pay or growth

Job Security

out of 5

Not enough data

Calculating job security score...

Total Score

out of 100

Average of individual scores

Were these scores useful?

Skill Insights

Compare your current skills to what this opportunity needs—we'll show you what you already have and what could strengthen your application.

Job Description

Third-Party Risk Management (TPRM) Security Analyst Our client is seeking a sharp and driven TPRM Security Analyst to join their Information Security GRC team in a remote capacity. This is a high-impact contract role where you will play a critical part in protecting the organization by assessing vendor cybersecurity posture, managing compliance with key regulatory frameworks, and driving continuous improvement of the vendor risk program. If you thrive in a fast-paced environment, enjoy cross-functional collaboration, and bring deep expertise in third-party risk lifecycle management, this is an opportunity to make a meaningful difference. As part of our process after applying, you may receive an invitation from our AI Recruiter Avery for a short conversation that lets you share more about your background beyond your resume. For questions, contact .

Job Type:

6-month contract-to-hire

Location:

Remote -

PST Hours Required Compensation:

This job is expected to pay about $60-70/hr No Visa Sponsorship Available for this role

What You'll Do:

Conduct end-to-end vendor information security assessments, reviewing questionnaires (SIG, CAIQ, custom IRQs), evaluating evidence, assigning risk levels, and tracking remediations to closure. Administer and automate TPRM workflows within ServiceNow GRC, including vendor onboarding, risk scoring, dashboards, and executive reporting for the Vendor Risk Committee. Perform ongoing vendor monitoring, manage vendor records in the contract lifecycle system, and analyze emerging cyber threats to strengthen supplier risk management. Maintain the TPRM risk register and support preparation of materials for internal and external audits, including SOC 2, HITRUST, HIPAA, and PCI. Collaborate cross-functionally with Legal, Procurement, Compliance, and Business Units to embed security requirements into RFPs, contracts, and vendor onboarding processes. What Gets You the

Job:

5+ years in Information Security with 5+ years dedicated to TPRM or InfoSec GRC, including hands-on end-to-end vendor risk lifecycle management. Demonstrated experience administering and automating TPRM workflows in ServiceNow GRC, including risk scoring and vendor onboarding. Working knowledge of

NIST CSF, HITRUST CSF, SOC 2, ISO

27001, and HIPAA Security Rule, with an understanding of PHI/ePHI handling and BAA obligations. Experience with vendor security questionnaires (SIG, CAIQ) and evidence-based vendor audits, including

CVSS/CCSS

vulnerability scoring. Strong communication and stakeholder management skills with the ability to present risk findings to leadership and collaborate across legal, procurement, and clinical teams. Irvine Technology Corporation (ITC) connects top talent with exceptional opportunities in IT, Security, Engineering, and Design. From startups to Fortune 500s, we partner with leading companies nationwide. Our AI recruiter, Avery helps streamline the first step of your journey-so we can focus on what matters most: helping you grow. Join us. Let us ELEVATE your career!