Associate Risk Analyst – TPRM Assessments and Control Testing (2yr + exp) – Immediate Start

Conduct internal controls and vendor information security risk assessments, testing and audits. Candidates must possess previous experience in conducting risk and control assessments.
Validate the adequacy of controls, standards, policies, and procedures to protect Confidentiality, Integrity, and Availability and ensure compliance with regulatory requirements.
Assess the level of inherent technology risks in the context of business objectives and risk appetite, establishing residual risk based on scores.
Ability to read and decipher IT system and technical design documents to identify potential risks or design flaws that may manifest into risks.
Classify vendors according to their access to systems, networks, and sensitive information, assessing risks for individual vendors based on their level of access and the sensitivity of the data they handle.
Query vendors based on their responses, identify potential gaps or observations, and communicate findings to stakeholders in a structured format, including risk descriptions, root causes, business impacts, compensating controls, and suggested remediation plans.
Prepare and update Standard Operating Procedures for the Vendor Risk assessment process.
Organize and lead internal weekly action review calls to track the status of ongoing assessments.
Maintain, track, and follow up on the status of assessments, publishing a weekly tracker to the client.
Full training will be provided for this role.
This position is client-facing, so a strong client presence and excellent communication skills are essential.
Be highly organized and a self-starter, requiring minimal supervision.
Be able to learn software intuitively and enhance processes to take advantage of automation.

Bachelor's degree in a relevant field or equivalent work experience.
Previous experience in conducting risk assessments is a requirement
Knowledge and experience of risk management frameworks, such as CIS, NIST-CSF or ISO is a must.
Understanding of compliance requirements related to IT audit, data privacy, including GDPR and CCPA is a pre-requisite
Strong organizational and communication skills.
Ability to work independently and collaboratively.
Excellent client-facing skills and a professional demeanor.
If you are a self-motivated individual with a passion for risk analysis and information security, and you want to join a dynamic team that is dedicated to ensuring the security of our clients' sensitive data, we encourage you to apply.
Only immediate less than 15 days – ideal start immediate of August 1. Latest start date

Maclear Global is a leading provider of risk assessment and vendor information security services, dedicated to safeguarding the confidentiality, integrity, and availability of sensitive data. We work closely with our clients to ensure compliance with regulatory requirements and to minimize inherent technology risks. Our commitment to excellence, integrity, and client satisfaction has earned us a solid reputation in the industry.