Experienced Third-Party Risk Management (TPRM) & Governance Specialist – Cybersecurity Compliance

---

Join arenaflex as a Third-Party Risk Management & Governance Specialist

Are you a seasoned cybersecurity professional with a passion for governance, risk management, and compliance? Do you thrive in dynamic environments where you can make a meaningful impact on organizational security? If so, arenaflex invites you to join our elite Cybersecurity team as a Third-Party Risk Management (TPRM) & Governance Specialist. This is a remote opportunity that allows you to contribute to our organization's security posture from the comfort of your home while being part of a collaborative, forward-thinking team.

At arenaflex, we believe that cybersecurity is not just about protecting systems—it's about enabling business innovation while managing risks responsibly. As a TPRM & Governance Specialist, you will play a critical role in strengthening our third-party risk program, ensuring compliance with industry standards, and guiding our organization through the ever-evolving landscape of cyber threats. This is a fantastic opportunity for a professional who wants to grow their career in a supportive environment that values expertise, innovation, and continuous learning.

About the Cybersecurity Team at arenaflex

Our Cybersecurity team at arenaflex is composed of talented professionals who develop and implement strategies to help the organization achieve its business objectives while managing risks effectively and meeting industry guidelines and standards. The team works on cutting-edge technology and toward new innovations in the area of cybersecurity to deliver secure solutions that drive business value. We are committed to fostering a culture of security awareness, continuous improvement, and excellence in everything we do.

Position Overview

We are seeking an experienced Governance, Risk, and Compliance (GRC) professional to guide TPRM-related activities and ensure the smooth execution of various tasks within our Cybersecurity team. The ideal candidate will assist arenaflex's third-party/internal threat control software while managing internal safety compliance requirements and implementing regulations, tactics, and frameworks. This role reports to the Manager of Governance, Threat and Compliance within our Cyber and Data Safety department.

Key Responsibilities

• Third-Party Risk Management (TPRM): Support arenaflex's global third-party/internal risk methodology for conducting cyber danger-related due diligence exams. This includes validating incoming third-party/internal risk assessment requests and working with business stakeholders to confirm request details and engagement scope.
• Stakeholder Coordination: Conduct kick-off meetings with business stakeholders and any related third parties for conducting third-party assessments. Coordinate the distribution of due diligence questionnaires to internal stakeholders and third parties, review submitted questionnaires for completeness, and evaluate risks arising from the design and operational effectiveness of internal/third-party security controls.
• Risk Assessment & Documentation: Document responses, associated findings, and remediation plans in arenaflex's systems. Draft and review reports for the checks performed and ensure respective business stakeholders finalize reviews in a timely manner.
• Communication & Liaison: Serve as a strong liaison to ensure any queries are addressed concerning the risk control technique and evaluation to the business or third parties as required. Maintain clear and professional communication throughout the assessment lifecycle.
• Continuous Monitoring: Carry out continuous tracking of third parties via arenaflex's systems for current and new findings and music any findings to closure. Identify and escalate emerging risks promptly.
• Process Improvement: Recognize opportunities for improvement within arenaflex's systems and strategies. Propose and implement enhancements to increase efficiency and effectiveness of the TPRM program.
• Program Support: Work closely with risk leads/supervisors to schedule and execute a range of supporting activities related to the risk management program.

Governance, Threat, and Compliance Responsibilities

• Strategy Development: Lead and help the improvement of cybersecurity hazard and compliance-related strategies to ensure treatment of cybersecurity risk consistent with arenaflex's risk appetite.
• Compliance Management: Maintain and document compliance towards information safety associated guidelines and processes through planning, checking out, remediating, tracking, and reporting on control reviews and risk checks.
• Training & Communication: Lead development and delivery of compliance and risk education and ongoing communications that assist power a culture of protection and compliance across the organization.
• Regulatory Awareness: Keep abreast of regulatory changes, new guidelines, technology, and internal policy modifications to further identify new key risk regions and ensure the organization remains compliant.
• Standards Maintenance: Lead the activities to maintain and guide ISO 27001 standards. Ensure ongoing adherence to this critical international standard for information security management.

Essential Competencies & Skills for Success

• Stakeholder Management: Outstanding ability to manage relationships with internal and external stakeholders at all levels of the organization.
• Technical Knowledge: Working understanding of information security related high-quality practices and requirements including ISO 2700x, SOC 2 requirements, SSAE 16/18 requirements, and other relevant standards.
• Risk Management Experience: Proven experience in the management of hazard, controls, and compliance within a cybersecurity context.
• Risk Assessment Expertise: Strong knowledge of risk assessment methodologies – both qualitative and quantitative approaches.
• Analytical Abilities: Super analytical and problem-solving abilities with attention to detail and the capacity to interpret complex information.
• Presentation Skills: Excellent presentation making and delivery abilities to communicate findings and recommendations effectively.

Personal Attributes

• Interpersonal Skills: Robust interpersonal abilities with the capacity to build strong working relationships across the organization.
• Adaptability: Ability to navigate rapid-paced environments and be flexible with working hours to meet evolving business needs.
• Communication: Excellent communication abilities, both verbal and written, with the capacity to convey complex technical concepts to non-technical audiences.
• Change Management: Ability to adapt quickly to changing conditions and drive quality change within the organization.

Preferred Education & Experience

• Applicable bachelor's/master's diploma from an accepted university or equivalent professional experience.
• Four years of experience throughout third-party risk control, records security, and audit and compliance tracking (minimum of 2-3 years in TPRM/internal audit roles).
• Preferred experience with a large enterprise and/or major professional services firm.
• One or more relevant certifications such as CISA, CRISC, ISO27001 Lead Implementer/Auditor, or CISSP.
• Experience in AI/ML is considered a plus.

Career Growth & Learning Opportunities

At arenaflex, we are committed to the professional development of our team members. As a TPRM & Governance Specialist, you will have access to ongoing training opportunities, certifications, and career advancement pathways within our Cybersecurity organization. You will work alongside experienced professionals who are passionate about mentoring and sharing their expertise. This role provides exposure to cutting-edge cybersecurity practices, regulatory frameworks, and emerging technologies, making it an excellent platform for career growth in the governance, risk, and compliance space.

Work Environment & Culture

arenaflex offers a flexible remote work arrangement that allows you to maintain a healthy work-life balance while contributing to meaningful cybersecurity initiatives. Our culture is built on collaboration, innovation, and respect. We value diverse perspectives and believe that the best solutions emerge when talented individuals work together toward common goals. As part of our team, you will be encouraged to share your ideas, challenge the status quo, and continuously improve our processes and practices.

Compensation & Benefits

We offer a competitive annual salary of $80,000 for this position, commensurate with experience and qualifications. Additionally, arenaflex provides a comprehensive benefits package that may include health insurance, retirement plans, paid time off, professional development opportunities, and other perks designed to support your well-being and career growth.

Why Join arenaflex?

arenaflex is a leader in its field, known for its commitment to excellence, innovation, and employee satisfaction. By joining our team, you will become part of an organization that values integrity, collaboration, and continuous improvement. You will have the opportunity to make a real impact on our organization's security posture while developing your skills and advancing your career in cybersecurity governance and risk management.

We encourage applications from experienced professionals who are passionate about cybersecurity, committed to excellence, and ready to contribute to our mission of delivering secure and innovative solutions. If you are looking for a challenging and rewarding opportunity where your expertise will be valued and your growth supported, arenaflex is the place for you.

How to Apply

Ready to take the next step in your career? We invite qualified candidates to apply today. Please submit your resume and cover letter highlighting your relevant experience and qualifications. Our hiring team will review applications and reach out to selected candidates for further discussions.

arenaflex is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees. We look forward to welcoming talented professionals to our team and embarking on an exciting journey together.

Apply now and become part of something extraordinary at arenaflex!