We are searching for a Sr. Third-Party Risk Consultant! 

First off, what is CyberGRX?  

CyberGRX provides enterprises and their third-party vendors with the most cost-effective and scalable approach to cyber risk management. Built on the market's first third-party cyber risk Exchange, CyberGRX combines both third-party vendors and enterprise organizations in one easy-to-navigate platform to streamline the risk assessment process. 63% of data breaches are linked to a third-party and CyberGRX arms organizations with the data and advanced analytics so they can efficiently manage, monitor and mitigate risk in their partner ecosystems. 

What does a Sr. Third-Party Risk Consultant do at CyberGRX? 

As a Third-Party Risk Senior Consultant, you’ll help lead a brand-new function at CyberGRX focused on providing advisory services to our clients. You’ll be responsible for the overseeing the design and implementation of Third-Party Cyber Risk Management programs for our customers leveraging the CyberGRX platform. As an early member of this team, you’ll also assist with the strategy and design of this function and how it will operate. 

This person is an expert at Third-Party Risk. You have built and executed third-party risk programs. You are known as a thought leader and considered a trusted advisor by stakeholders. Most importantly, you have an eye for quality work and will ensure that our customers get the best service on time and within budget. 

What a day in the life looks like: 

• You will oversee, lead, and execute the design and implementation of third-party cyber risk management programs leveraging the CyberGRX platform. 
• Lead discovery sessions, workshops, and other client-focused meetings in order to understand goals, objectives, and requirements. 
• Develop solutions, plans, and roadmaps that support client and CyberGRX objectives. 
• Create and present high-quality customer-facing artifacts in support of the delivery of services including workflow diagrams, reports, presentations, and other work products. 
• You will design processes that support the end-to-end third-party risk management lifecycle. 
• Develop reporting and communication strategies that support client TPRM objectives. 
• You will use manual and automated data analysis and transformation tools and capabilities such as Excel, Macros, Tableau, and/or Python to analyze and curate customer or company data. 
• Act as a thought leader in the areas of third-party risk management both internally and externally, providing recommendations on best practices to customers and input to product development. 
• Work cross-functionally with internal and external team members to achieve customer or department objectives. 
• You will understand the customer’s business environment and risk management objectives. 
• You will play a role in mentoring and training junior team members. 

What you bring to the table:  

• At least 7 years of experience within the domains of Third-Party Risk Management, Cyber Risk Management, or Supply Chain Security. 
• At least 7 years of demonstrated progressive professional experience, preferably managing or leading third-party risk management teams or consultants. 
• You have one or more relevant professional certifications such as CISSP, CTPRP, or relevant equivalent experience. 
• Experience working in highly regulated industries such as healthcare or financial services. 
• You have led the design and implementation of cross-functional programs. 
• Experience with configuring, implementing, or using GRC tools or other workflow tools used in third-party risk management. 
• Knowledge of common risk and control frameworks such as NIST800-53, ISO27001, CMMC, CSA, and others. 
• You have excellent verbal and written communication skills. 
• Bonus points if you are an expert at Microsoft Excel and PowerPoint. 
• You have experience with data analysis tools such as Tableau and Python, or aren’t afraid to learn them. 

Why you want to work for CyberGRX: 

• We offer a competitive base salary (commensurate with experience) plus incentive compensation. We have an incredible benefits package including: 
  • 100% Company paid medical/dental/vision for employees & generous company contribution for dependent health benefits  
  • 401(k) program, including employer match up to 3% of your base salary 
  • $100/month stipend to use for wellness and WFH expenses 
  • Open Time Off policy - Take the time you need! Recharging the batteries is encouraged. 
  • Equity – Acting like an owner is one of our Core Values 
• Remote Friendly Work Environment *We are 100% remote for the time being, but are actively seeking new office space in the centrally located LoDo area in downtown Denver when Colorado guidelines permit a safe return to an office setting 
• Relaxed dress code – We want you to be comfortable doing what you love, so hang your professional clothing up for another occasion. 
• Free Eco Pass for local Denver employees – when we are back in the office. 
• We are doing new and exciting things and have big plans for growth! 

Annual Base Salary Range: $130,000 - $150,000 

Annual Bonus Potential: $20,000 - $40,000 

We encourage you to apply if this role excites you - even if you think you may not have the exact skillset. We believe in cultivating an environment where there is a diversity of perspectives, in hopes that we can all thrive in an inclusive environment.   

CyberGRX does not discriminate in employment matters on the basis of race, color, religion, gender, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class. We support workplace diversity.