Description

Senior Associate, Global Security Office - Governance, Risk and Compliance (GRC)

About Alvarez & Marsal

Alvarez & Marsal (A& M) is a global consulting firm with over 10, 000 entrepreneurial, action and results-oriented professionals in over 40 countries. We take a hands-on approach to solving our clients' problems and assisting them in reaching their potential. Our culture celebrates independent thinkers and doers who positively impact our clients and shape our industry. The collaborative environment and engaging work-guided by A& M's core values of Integrity, Quality, Objectivity, Fun, Personal Reward, and Inclusive Diversity-are why our people love working at A& M.

The Team

Global Security Office - Governance, Risk and Compliance (GRC):
Alvarez and Marsal Global Security Office committed to delivering the highest standards of security and compliance. We are seeking a highly skilled and motivated Senior GRC Associate with a strong focus on Third-Party Vendor and Risk Management to join our dynamic and growing team based in our Tampa Office.
As a Senior GRC Associate you will play a critical role in our third-party operations and InfoSec risk management program. This role will include assessing, monitoring, and mitigating risks associated with third-party vendors, dealing with client security questionnaire requests, completing legal reviews for security clauses, in line with regulatory requirements and internal security policies. This role will also support the information security programme in the performance of risk triage, assessment, and support risk register maintenance and reporting.

How you will contribute

• Third-Party Vendor Security Assessments [30%]

• Support the third-party vendor risk management (TPVRM) program ensuring alignment with A& M processes and best practices.
• Engage both business and external stakeholders to perform comprehensive due diligence risk assessments of third-party vendors and identify risk, whilst maintaining monitoring activities of existing vendors.
• Perform due diligence on new and existing vendors, including reviewing SOC reports, certifications, and security controls.

• Monitor vendor performance and compliance through periodic assessments and audits.

• Client Security Questionnaires [30%]

• Manage and complete client security questionnaires and assessments to demonstrate the organization's security posture in line with A& M tools and processes.
• Collaborate with internal teams (Privacy, Legal, IT) to gather accurate and comprehensive questionnaire responses.
• Ensure timely delivery of client responses with service level agreements

• Client and Vendor Legal Contract Reviews [30%]

• Evaluate security terms in contracts with third parties, suppliers, and business teams to mitigate risks associated with client and vendor engagements.
• Work with legal, privacy and business teams to ensure that contractual obligations align with the organization's security policies and compliance requirements.

• Risk Management [10%]

• Apply A& M Information Security Risk Management methodology to support the maintenance and review of the information security risk register.
• Communicate identified risks and remediation strategies to both technical and non-technical stakeholders.
• Participate and execute governance activities including metrics gathering and reporting, and the performance of recurring internal assessment activities

Qualifications

Education & Experience:

• Bachelor's degree in information security, Risk Management, Business, or related field.
• Industry recognized certification in security (e.g., CRISC (Certified in Risk and Information Systems Control), CTPRP (Certified Third-Party Risk Professional), CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager)

• 5+ years of experience in GRC, third-party risk management, or information security.
• Experience in conducting vendor risk assessments and audits.

Technical Skills:

• Strong understanding of security frameworks such as ISO 27001, NIST to mitigate cybersecurity incidents.
• Familiarity with third-party risk management tools and platforms
• Knowledge of regulatory requirements / frameworks

Soft Skills:

• Excellent analytical, problem-solving, and decision-making skills.
• Strong communication and interpersonal skills.
• Ability to work collaboratively with cross-functional teams.
• Detail-oriented with the ability to manage multiple tasks simultaneously.

Your journey at A& M

We recognize that our people are the driving force behind our success, which is why w e prioritize an employee experience that fosters each person's unique professional and personal development. Our robust performance development process promotes continuous learning, rewards your contributions, and fosters a culture of meritocracy . With top-notch training and on-the-job learning opportunities, you can acquire new skills and advance your career.

We prioritize your well-being, providing benefits and resources to support you on your personal journey. Our people consistently highlight the growth opportunities, our unique, entrepreneurial culture, and the fun we have together as their favorite aspects of working at A& M. The possibilities are endless for high - performing and passionate professionals.

Regular employees working 30 or more hours per week are also entitled to participate in Alvarez & Marsal Holdings' fringe benefits consisting of healthcare plans, flexible spending and savings accounts, life, AD& D, and disability coverages at rates determined periodically as well as a 401(k) retirement savings plan. Provided the eligibility requirements are met, employees will also receive an annual discretionary contribution to their 401(k) retirement savings plan from Alvarez & Marsal. Additionally, employees are eligible for paid time off including vacation, personal days, seventy-two (72) hours of sick time (prorated for part time employees), ten federal holidays, one floating holiday, and parental leave. The amount of vacation and personal days available varies based on tenure and role type. Click here for more information regarding A& M's benefits programs.

Thesalaryrange is $80, 000- $100, 000annually, dependent on several variables including but not limited to education, experience, skills, and geography. In addition, A& M offers a discretionary bonus program which is based on a number of factors, including individual and firm performance. Please ask your recruiter for details.

#LI-LH1