We are searching for a Third-Party Risk Consultant!

First off, what is CyberGRX?

CyberGRX provides enterprises and their third parties with the most cost-effective and scalable approach to third-party cyber risk management today. Built on the market's first third-party cyber risk Exchange, CyberGRX arms organizations with a dynamic stream of third party-data and advanced analytics so they can efficiently manage, monitor and mitigate risk in their partner ecosystems.

What does a Third-Party Risk Consultant do at CyberGRX?

As a Third-Party Risk Consultant, you’ll be a part of a new function at CyberGRX focused on providing advisory services to our clients. You’ll be responsible for the design and implementation of Third-Party Cyber Risk Management programs for our customers who are leveraging the CyberGRX platform. As an early member of this team, you’ll also assist with the design and the development of this function and how it will operate.

The ideal person for this role has a wealth of knowledge and expertise Third-Party Risk and can apply that to building best in class programs for our customers. You are comfortable acting as a thought leader and trusted advisor to our clients but aren’t afraid to get your hands dirty to get the job done. Most importantly, you have an eye for quality work product and will ensure that our customers get the best service on time and within budget.

What a day in the life looks like:

• You will lead and execute the design and implementation of third-party cyber risk management programs leveraging the CyberGRX platform.
• Leading discovery sessions, workshops, and other client-focused meetings in order to understand goals, objectives, and requirements.
• Developing solutions, plans, and roadmaps that support client and CyberGRX objectives.
• You will create and present high quality customer-facing artifacts in support of the delivery of services including workflow diagrams, reports, presentations, and other work-products.
• Designing processes that support the end-to-end third-party risk management lifecycle from triage to remediation.
• You will create reporting and communication strategies that support client TPRM objectives.
• Providing training to clients and colleagues as needed.
• You'll use manual and automated data analysis and transformation tools and capabilities such as excel, macros, tableau, and/or python to analyze and curate customer or company data.
• You will act as a leader in the areas of third-party risk management both internally and externally, providing recommendations on best practices to customers, and input to product development.
• Working cross-functionally with internal and external team members to achieve customer or department objectives.
• Understanding the customer’s business environment and risk management objectives.
• You will track and communicate customer engagement status and performance to internal leadership.
• Juggling multiple concurrent engagements and prioritize tasks and activities appropriately.
• Assisting with mentoring and training junior team members.

What you bring to the table:

• You have at least 5 years of experience within Third-Party Risk Management, Third-Party Cyber Risk Management, or Supply Chain Security.
• You have at least 5 years of demonstrated experience, preferably managing or leading third-party risk management teams or consultants.
• Experience with designing and implementing cross-functional programs.
• You have configured, implemented, or used GRC tools or other workflow tools used in third-party risk management.
• Experience working in highly regulated industries such as healthcare or financial services.
• Familiar with common risk and control frameworks such as NIST800-53, ISO27001, CMMC, CSA, and others.
• One or more relevant professional certifications such as CISSP, CTPRP, or relevant equivalent experience.
• You have excellent verbal and written communication skills.
• You have the ability to work and communicate with senior and “C” level executives.
• Experience as part of a virtual team with Pre-sales Engineers, Channel Managers, Technical Support Engineers, Account Managers, Customer Success, and Support/Operations.
• Strong knowledge of Microsoft Excel and PowerPoint.
• You have experience with data analysis tools such as Tableau and Python, or aren’t afraid to learn them.

Why you want to work for CyberGRX:

We offer a competitive base salary (commensurate with experience) plus incentive compensation

• We have an incredible benefits package including:

• 100% Company paid medical/dental/vision for employees & generous company contribution for dependent health benefits

• 401(k) program, including employer match
• Free Eco Pass for local Denver employees – when we are back in the office.
• Open Time Off policy - Take the time you need! Recharging the batteries is encouraged.
• Equity – Acting like an owner is one of our Core Values
• Monthly stipend to use for a variety of things while working remote
• Remote Friendly Work Environment *We are 100% remote for the time being, but are actively seeking new office space in the centrally located LoDo area in downtown Denver when Colorado guidelines permit a safe return to an office setting
• Relaxed dress code – We want you to be comfortable doing what you love, so hang your professional clothing up for another occasion
• We are doing new and exciting things and have big plans for growth!

Annual Base Salary Range: $130,000 - $145,000

Annual Bonus Potential: $30,000 - $50,000 

CyberGRX does not discriminate in employment matters on the basis of race, color, religion, gender, national origin, age, military service eligibility, veteran status, sexual orientation, marital status, disability, or any other protected class. We support workplace diversity.