Title: Business Risk and Controls Advisor
Location: San Antonio, TX (onsite 4 days/week)
Contract: Through June 2025, potential of extensions!
Job Responsibilities:
- 2-4 years of Information Security/Information Technology or Governance Risk & Compliance / Third Party Risk Management experience
- Review Enterprise Third Party Risk Management triggers to validate the need to conduct due diligence on third parties (this requires discussions with the Line of Business on their submissions of the Inherent Risk Questionnaire (IRQs) and questioning their understanding of the service being contracted for and data being shared).
- The individual will also review post-due-diligence assessment work, entering findings into the GRC tool (Salesforce/Archer) and validating that identified issues have been resolved and closed out in the GRC tool.
Technical Requirements:
- Strong knowledge of NIST Cyber Framework
- Strong background in IT Security Risk Assessments
- Microsoft Excel
- Strong writing and issue remediation knowledge as it relates to Information Security and Technology risk domains.
- Certification with some level of work experience in this area (TPRM/Governance, vendor assessments) – Security+, CTPRP, CISA, CRISC, etc.
Required Skills:
- 2-4 yrs of Information Security/Information Technology or Governance Risk & Compliance / Third Party Risk Management experience
- Review Enterprise Third Party Risk Management triggers to validate the need to conduct due diligence on third parties (this requires discussions with the Line of Business on their submissions of the Inherent Risk Questionnaire (IRQs) and questioning their understanding of the service being contracted for and data being shared).
- The individual will also review post-due-diligence assessment work, entering findings into the GRC tool (Salesforce/Archer) and validating that identified issues have been resolved and closed out in the GRC tool.
- Strong writing and issue remediation knowledge as it relates to Information Security and Technology risk domains.
- Certification with some level of work experience in this area (TPRM/Governance, vendor assessments) – Security+, CTPRP, CISA, CRISC, etc.
Basic Qualification :
Additional Skills :
Hybrid schedule
Long term opportunity
Background Check : Yes
Drug Screen : Yes
Notes :
Selling points for candidate :Hybrid schedule
Long term opportunity
Project Verification Info : "The information provided below is for Apex Systems AV use only and is not to be distributed publicly, or to any third party. Any distribution of the below information will result in corrective action from Apex Systems Vendor Management.
MSA: Blanket Approval Received
Client Letter: Will Provide"
Candidate must be your W2 Employee :Yes
Exclusive to Apex :No
Face to face interview required :No
Candidate must be local :Yes
Candidate must be authorized to work without sponsorship :No
Interview times set :Yes
Type of project :
Master Job Title :IT
Branch Code :