Third-Party Risk Management (TPRM) Security Analyst - Onsite Interview

Job Title: Security Specialist 2(ITSS) - Third-Party Risk Management (TPRM) Security Analyst

Job Location: Columbus, Ohio (Remote)

Initial Teams interview, followed by in-person interview at 1970 W. Broad Street Columbus

Full-Time Remote PART-TIME position: approximately 10 hours/week. Must be able to attend occasional on-site meetings.

Requirements:

• 3+ years of experience in cybersecurity risk analysis including third-party vendor security assessments
• Proficiency in BitSight security ratings platform for monitoring vendor cyber risk posture
• Experience in applying cybersecurity frameworks such as NIST CSF and ISO 27001 for compliance reviews
• Experience with vulnerability management processes and security control validation
• Experience in vendor risk monitoring and remediation tracking using GRC tools such as OneTrust
• Experience with generating security reports and dashboards highlighting risk exposure and compliance gaps
• Strong written and verbal communication skills for reporting findings and coordinating with stakeholders

Responsibilities:

• Conduct cybersecurity assessments of external vendors and evaluate compliance with security standards.
• BitSight to monitor vendor security ratings and detect risk posture changes.
• Reviewing security questionnaires and validating third-party security control implementations.
• Analyzing vulnerability findings and documenting remediation requirements.
• Managing remediation tracking and compliance activities within OneTrust GRC platform.
• Generating risk assessment reports and dashboards for administrative review.
• Communicate security findings, coordinate follow-ups with vendors, and provide regular status updates.