Governance, Risk, and Compliance Specialist

We are looking for a detail-oriented GRC Specialist to support our Governance, Risk, and Compliance functions. You’ll focus on executing third-party risk assessments, managing security awareness training, supporting policy reviews, and assisting with information security compliance initiatives.Key Responsibilities:Conduct technical risk evaluations of third parties’ tools, platforms, and services.Perform vendor due diligence in accordance with SOC 2 and internal standards.Prepare and present assessment findings to the GRC Manager and Head of Information Security for final review and approval.Make recommendations to strengthen vendor security posture.Select and implement annual security awareness training programs.Maintain and deliver security training for new hires, aligned with company policies.Assist in the maintenance and review of ITGRC policies and procedures, collaborating with policy owners to ensure documents are current and aligned with controls.Support in responding to incoming information security questionnaires from clients or partners.Support evidence collection efforts for audits and internal reviews.Learn and contribute to broader GRC functions under the guidance of the GRC Manager.