Job Description
Company: Pacer Group
Location: Mt Laurel Township, US
Job Title: Senior | Lead – Third-Party Cybersecurity & Risk Management | Senior GRC Analyst – Vendor Security Assessment Specialist
Location: Charlotte, NC / Mt Laurel Township, NJ
Work Arrangement: Hybrid (3 Days Onsite)
Employment Type: Contract
Duration: 6+ Months
Pay Range: $45.80/hr. to $53.54/hr. on W2 | $62.14/hr. to $69.60/hr. on C2C
Domain: Financial Services | Governance, Risk & Compliance (GRC)
SKILLS REQUIRED
Primary (Must-Have)
• 8 to 10+ years of dedicated, hands‑on experience in Cybersecurity Governance, Risk & Compliance (GRC)
• Deep expertise in Third‑Party Risk Management (TPRM) and comprehensive vendor security assessments
• Strong working knowledge of industry‑standard security frameworks (NIST, ISO 27001, SOC 2)
• Proven capability in defining, validating, and auditing security control requirements for external entities
• Demonstrated leadership in tracking, managing, and driving remediation strategies for identified third‑party risks
Secondary (Good to Have)
• Advanced security certifications such as CISA, CRISC, CISM, or CISSP
• Experience developing, implementing, and maturing third‑party risk management policies and enterprise standards
• Strong analytical acumen for prioritizing risks alongside cross‑functional corporate stakeholders
POSITION OVERVIEW
We are seeking an elite Senior Engineer / Consultant with a decade of expertise to step into a Lead – Third-Party Cybersecurity & Risk Management role. Operating on a hybrid schedule out of our Charlotte, NC or Mt Laurel Township, NJ hubs, the selected specialist will anchor our Governance, Risk & Compliance (GRC) team. This position acts as the primary line of defense for evaluating external vulnerabilities, establishing vendor security mandates, and leading hands‑on risk mitigation frameworks to secure our digital supply chain ecosystem.
ROLES & RESPONSIBILITIES
• Lead end‑to‑end, comprehensive cybersecurity assessments and structural audits of critical third‑party vendors and external partners
• Evaluate, categorize, and formally document cybersecurity risks associated with third‑party digital relationships, aligning findings with internal risk thresholds
• Define, validate, and enforce precise security control requirements for vendors, ensuring compliance with NIST, ISO 27001, and SOC 2 paradigms
• Maintain and scale advanced third‑party risk management (TPRM) frameworks, policies, and operational standards across the enterprise
• Track remediation lifecycle workflows for identified third‑party risks, collaborating directly with vendor teams and internal business units to ensure prompt mitigation
• Communicate technical risk findings, impact metrics, and remediation paths clearly to both technical engineering divisions and non‑technical business leaders
BENEFITS
• Medical
• Dental
• Vision
• 401(k)
EEOC Compliance: We are an equal opportunity employer, and all qualified applicants will receive consideration for employment.
Source: JobLeads
Source: Cybersecurity Job Board