Job Type: Contract (W2 Only)
Contract Length: 6 months
Pay Range: $80-85/hr
Start Date: ASAP
Location: Remote
About the Opportunity:
Our client, a leader in cybersecurity and cloud data management, is looking for a skilled Senior Security Risk Management Analyst to join their team for a 6-month engagement. This project focuses on the assessment and mitigation of risks associated with third-party vendors and service providers, ensuring compliance with security and business resilience standards. This is a high-impact role that requires a self-motivated professional who can lead risk assessments, collaborate cross-functionally, and drive vendor governance processes effectively.
Key Responsibilities & Deliverables:
This role is focused on the successful completion of specific tasks and deliverables. Your responsibilities will include:
- Conducting comprehensive cybersecurity and regulatory risk assessments for new and existing third-party vendors.
- Evaluating third-party security questionnaires and audit documentation (e.g., SOC 2, ISO 27001).
- Coordinating with vendors to verify security controls and manage remediation plans.
- Classifying vendors by risk tier and maintaining accurate risk profiles.
- Partnering with Procurement, Legal, and InfoSec teams to enhance supplier security management processes and identify automation opportunities.
We are looking for someone with a proven track record of successful contract engagements. The ideal candidate will have:
- 6-8 years of professional experience in third-party risk assessment within cybersecurity or information risk management.
- Bachelor’s degree in Computer Science, Information Security, Cybersecurity, or a related field.
- In-depth understanding of information security frameworks and compliance requirements (e.g., ISO 27001/2, FedRAMP, SOC 2, PCI DSS, NIST CSF).
- Ability to synthesize complex risk findings for both technical and non-technical stakeholders.
- Detail-oriented and process-driven mindset, with the ability to manage multiple vendor assessments concurrently.
- Experience with risk assessment tools is a plus.
- W2 only (No C2C or 1099 contractors)
