Experienced Third Party Risk Management (TPRM) Analyst – Cybersecurity Governance, Risk & Compliance
---
Join arenaflex as a Third Party Risk Management (TPRM) Analyst – Cybersecurity & Compliance Professional
Are you ready to make a meaningful impact in the world of cybersecurity while working from the comfort of your own home? arenaflex is seeking an experienced Governance, Risk, and Compliance (GRC) professional to guide our cyber protection initiatives and ensure the seamless execution of critical security operations within our organization. This is a fantastic opportunity to be part of a dynamic team that is passionate about protecting organizational assets while aligning with business objectives and maintaining the highest industry standards.
At arenaflex, we believe that cybersecurity is not just about protection—it's about enabling innovation and building trust. As a Third Party Risk Management Analyst, you will play a pivotal role in strengthening our security posture by managing third-party and internal risk assessments, ensuring compliance with industry standards, and fostering a culture of security awareness across the organization. This position offers competitive compensation, flexibility, and the chance to grow your career with a leader in the industry.
About the arenaflex Cybersecurity Team
Our Cybersecurity team at arenaflex consists of talented professionals who are dedicated to formulating and implementing strategies that protect the organization while enabling business success. We work diligently to address threats proactively, meet industry guidelines, and embrace cutting-edge technologies that keep us ahead of evolving cyber risks. Collaboration, innovation, and continuous learning are at the heart of everything we do.
As part of our team, you will have the opportunity to work on challenging projects, contribute to meaningful security initiatives, and collaborate with stakeholders across the organization. We value diverse perspectives and encourage our team members to think creatively about how to address complex security challenges.
Position Overview
We are looking for a skilled Third Party Risk Management (TPRM) Analyst to join our Governance, Threat, and Compliance division. In this role, you will be responsible for managing our third-party and internal risk assessment programs, ensuring robust due diligence processes, and maintaining compliance with relevant security standards and regulations.
You will work closely with business stakeholders to conduct thorough cyber risk assessments, validate risk assessment requests, and coordinate the distribution and review of due diligence questionnaires. Your expertise will help identify potential security gaps and drive remediation efforts to closure.
Key Responsibilities
Third Party Risk Management (TPRM)
Lead and support the implementation of arenaflex's Third Party/Internal Risk Management software and processes
Manage the global third-party and internal risk methodology for conducting cyber risk-related due diligence assessments
Validate incoming third-party and internal risk assessment requests, collaborating with business stakeholders to confirm request details and engagement scope
Conduct kick-off sessions with business stakeholders and relevant third parties for assessments
Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties
Review submitted questionnaires for completeness and identify risks arising from the design and operational effectiveness of internal/third-party security controls
Document responses, findings, and remediation plans in arenaflex systems
Draft and review assessment reports, ensuring timely stakeholder review and feedback
Serve as a primary liaison to address queries related to risk control processes and assessments
Perform continuous monitoring of third parties through arenaflex systems for current and new findings
Track findings through to closure and identify opportunities for process improvement
Collaborate with risk leads and supervisors to schedule and execute various risk management program activities
Governance, Threat, and Compliance
Lead and support the development of cybersecurity risk and compliance strategies aligned with arenaflex's risk appetite
Maintain and document compliance with information security-related guidelines and processes through planning, testing, remediating, tracking, and reporting
Lead the development and delivery of compliance and risk education programs that promote a culture of security and compliance
Stay current with regulatory changes, new standards, technology advancements, and internal policy modifications
Lead initiatives to maintain and guide ISO 27001 certification and other relevant standards
Essential Qualifications & Experience
Bachelor's or Master's degree from an accredited university or equivalent professional experience
Minimum 4 years of experience in third-party risk management, information security, and audit/compliance tracking (with at least 2-3 years in TPRM or internal audit)
Preferred experience working with a large enterprise and/or a major professional services firm
Strong working understanding of information security best practices and requirements, including ISO 2700x, SOC 2, SSAE 16/18, and related standards
Experience in the management of risk, controls, and compliance
Knowledge of risk assessment methodologies—both qualitative and quantitative approaches
Professional certifications such as CISA, CRISC, ISO27001 Lead Implementer/Auditor, or CISSP are highly desirable
Experience with AI/ML in security contexts is a plus
Required Competencies & Skills
Outstanding stakeholder management and relationship-building abilities
Excellent analytical and problem-solving skills with attention to detail
Strong presentation and communication skills, both verbal and written
Ability to navigate fast-paced environments and demonstrate flexibility with working hours
Strong interpersonal skills with the ability to collaborate effectively across teams
Adaptability to changing conditions and ability to drive quality change
Strong organizational skills with the ability to manage multiple concurrent projects and deadlines
Proactive approach to identifying risks and implementing mitigation strategies
Personal Attributes for Success
At arenaflex, we look for team members who embody our core values and demonstrate:
Integrity: Unwavering commitment to ethical practices and confidentiality
Collaboration: Ability to work effectively with cross-functional teams and external partners
Continuous Learning: Passion for staying current with industry trends and emerging threats
Problem-Solving: Creative approach to addressing complex security challenges
Communication: Excellent ability to translate technical concepts for non-technical stakeholders
Career Growth & Learning Opportunities
At arenaflex, we are committed to the professional development of our team members. As a TPRM Analyst, you will have access to:
Comprehensive training programs and certifications sponsorship
Mentorship from experienced cybersecurity leaders
Exposure to a wide range of security frameworks and compliance standards
Clear career advancement pathways toward senior risk management and leadership positions
Internal mobility opportunities across different cybersecurity domains
Regular knowledge-sharing sessions and industry conference participation
Work Environment & Culture
arenaflex offers a supportive and inclusive work environment where your contributions are valued and recognized. Our flexible remote work arrangement allows you to maintain a healthy work-life balance while making a significant impact on organizational security.
We foster a culture of innovation, diversity, and continuous improvement. Our team members enjoy:
Flexible working hours to accommodate different time zones and personal schedules
State-of-the-art tools and technologies to support your success
Collaborative team environments that encourage knowledge sharing
Recognition programs that celebrate achievements and milestones
Employee wellness initiatives and support resources
Compensation & Benefits
We offer a competitive annual salary of $80,000 (commensurate with experience and qualifications), along with a comprehensive benefits package that includes:
Health, dental, and vision insurance
401(k) retirement plan with company matching
Paid time off and holidays
Professional development reimbursement
Remote work equipment allowance
Life insurance and disability coverage
Employee assistance programs
Why Join arenaflex?
arenaflex is more than just a workplace—we are a community of dedicated professionals committed to making a difference. By joining our team, you will:
Contribute to meaningful security initiatives that protect critical assets
Work with industry leaders and learn from the best in the field
Shape the future of our security programs and processes
Enjoy work-life balance with our flexible remote arrangement
Grow your career with clear advancement opportunities
How to Apply
If you are passionate about cybersecurity, thrive in collaborative environments, and want to make a real impact, we want to hear from you! Please submit your application today to join the arenaflex team.
arenaflex is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, or any other characteristic protected by law.
Apply now and take the first step toward an exciting career with arenaflex!
Join arenaflex as a Third Party Risk Management (TPRM) Analyst – Cybersecurity & Compliance Professional
Are you ready to make a meaningful impact in the world of cybersecurity while working from the comfort of your own home? arenaflex is seeking an experienced Governance, Risk, and Compliance (GRC) professional to guide our cyber protection initiatives and ensure the seamless execution of critical security operations within our organization. This is a fantastic opportunity to be part of a dynamic team that is passionate about protecting organizational assets while aligning with business objectives and maintaining the highest industry standards.
At arenaflex, we believe that cybersecurity is not just about protection—it's about enabling innovation and building trust. As a Third Party Risk Management Analyst, you will play a pivotal role in strengthening our security posture by managing third-party and internal risk assessments, ensuring compliance with industry standards, and fostering a culture of security awareness across the organization. This position offers competitive compensation, flexibility, and the chance to grow your career with a leader in the industry.
About the arenaflex Cybersecurity Team
Our Cybersecurity team at arenaflex consists of talented professionals who are dedicated to formulating and implementing strategies that protect the organization while enabling business success. We work diligently to address threats proactively, meet industry guidelines, and embrace cutting-edge technologies that keep us ahead of evolving cyber risks. Collaboration, innovation, and continuous learning are at the heart of everything we do.
As part of our team, you will have the opportunity to work on challenging projects, contribute to meaningful security initiatives, and collaborate with stakeholders across the organization. We value diverse perspectives and encourage our team members to think creatively about how to address complex security challenges.
Position Overview
We are looking for a skilled Third Party Risk Management (TPRM) Analyst to join our Governance, Threat, and Compliance division. In this role, you will be responsible for managing our third-party and internal risk assessment programs, ensuring robust due diligence processes, and maintaining compliance with relevant security standards and regulations.
You will work closely with business stakeholders to conduct thorough cyber risk assessments, validate risk assessment requests, and coordinate the distribution and review of due diligence questionnaires. Your expertise will help identify potential security gaps and drive remediation efforts to closure.
Key Responsibilities
Third Party Risk Management (TPRM)
Lead and support the implementation of arenaflex's Third Party/Internal Risk Management software and processes
Manage the global third-party and internal risk methodology for conducting cyber risk-related due diligence assessments
Validate incoming third-party and internal risk assessment requests, collaborating with business stakeholders to confirm request details and engagement scope
Conduct kick-off sessions with business stakeholders and relevant third parties for assessments
Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties
Review submitted questionnaires for completeness and identify risks arising from the design and operational effectiveness of internal/third-party security controls
Document responses, findings, and remediation plans in arenaflex systems
Draft and review assessment reports, ensuring timely stakeholder review and feedback
Serve as a primary liaison to address queries related to risk control processes and assessments
Perform continuous monitoring of third parties through arenaflex systems for current and new findings
Track findings through to closure and identify opportunities for process improvement
Collaborate with risk leads and supervisors to schedule and execute various risk management program activities
Governance, Threat, and Compliance
Lead and support the development of cybersecurity risk and compliance strategies aligned with arenaflex's risk appetite
Maintain and document compliance with information security-related guidelines and processes through planning, testing, remediating, tracking, and reporting
Lead the development and delivery of compliance and risk education programs that promote a culture of security and compliance
Stay current with regulatory changes, new standards, technology advancements, and internal policy modifications
Lead initiatives to maintain and guide ISO 27001 certification and other relevant standards
Essential Qualifications & Experience
Bachelor's or Master's degree from an accredited university or equivalent professional experience
Minimum 4 years of experience in third-party risk management, information security, and audit/compliance tracking (with at least 2-3 years in TPRM or internal audit)
Preferred experience working with a large enterprise and/or a major professional services firm
Strong working understanding of information security best practices and requirements, including ISO 2700x, SOC 2, SSAE 16/18, and related standards
Experience in the management of risk, controls, and compliance
Knowledge of risk assessment methodologies—both qualitative and quantitative approaches
Professional certifications such as CISA, CRISC, ISO27001 Lead Implementer/Auditor, or CISSP are highly desirable
Experience with AI/ML in security contexts is a plus
Required Competencies & Skills
Outstanding stakeholder management and relationship-building abilities
Excellent analytical and problem-solving skills with attention to detail
Strong presentation and communication skills, both verbal and written
Ability to navigate fast-paced environments and demonstrate flexibility with working hours
Strong interpersonal skills with the ability to collaborate effectively across teams
Adaptability to changing conditions and ability to drive quality change
Strong organizational skills with the ability to manage multiple concurrent projects and deadlines
Proactive approach to identifying risks and implementing mitigation strategies
Personal Attributes for Success
At arenaflex, we look for team members who embody our core values and demonstrate:
Integrity: Unwavering commitment to ethical practices and confidentiality
Collaboration: Ability to work effectively with cross-functional teams and external partners
Continuous Learning: Passion for staying current with industry trends and emerging threats
Problem-Solving: Creative approach to addressing complex security challenges
Communication: Excellent ability to translate technical concepts for non-technical stakeholders
Career Growth & Learning Opportunities
At arenaflex, we are committed to the professional development of our team members. As a TPRM Analyst, you will have access to:
Comprehensive training programs and certifications sponsorship
Mentorship from experienced cybersecurity leaders
Exposure to a wide range of security frameworks and compliance standards
Clear career advancement pathways toward senior risk management and leadership positions
Internal mobility opportunities across different cybersecurity domains
Regular knowledge-sharing sessions and industry conference participation
Work Environment & Culture
arenaflex offers a supportive and inclusive work environment where your contributions are valued and recognized. Our flexible remote work arrangement allows you to maintain a healthy work-life balance while making a significant impact on organizational security.
We foster a culture of innovation, diversity, and continuous improvement. Our team members enjoy:
Flexible working hours to accommodate different time zones and personal schedules
State-of-the-art tools and technologies to support your success
Collaborative team environments that encourage knowledge sharing
Recognition programs that celebrate achievements and milestones
Employee wellness initiatives and support resources
Compensation & Benefits
We offer a competitive annual salary of $80,000 (commensurate with experience and qualifications), along with a comprehensive benefits package that includes:
Health, dental, and vision insurance
401(k) retirement plan with company matching
Paid time off and holidays
Professional development reimbursement
Remote work equipment allowance
Life insurance and disability coverage
Employee assistance programs
Why Join arenaflex?
arenaflex is more than just a workplace—we are a community of dedicated professionals committed to making a difference. By joining our team, you will:
Contribute to meaningful security initiatives that protect critical assets
Work with industry leaders and learn from the best in the field
Shape the future of our security programs and processes
Enjoy work-life balance with our flexible remote arrangement
Grow your career with clear advancement opportunities
How to Apply
If you are passionate about cybersecurity, thrive in collaborative environments, and want to make a real impact, we want to hear from you! Please submit your application today to join the arenaflex team.
arenaflex is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, or any other characteristic protected by law.
Apply now and take the first step toward an exciting career with arenaflex!