Experienced Cybersecurity GRC Specialist – Third-Party Risk, Compliance & Information Security (Remote, Full-Time Opportunity, $80,000 Annual)

About arenaflex

arenaflex stands at the forefront of innovation where creativity meets cutting-edge technology. As a globally recognized organization committed to delivering exceptional experiences, arenaflex brings together diverse talent from around the world to craft solutions that inspire, protect, and transform industries. Our cybersecurity division serves as the digital guardian of our operations, ensuring that every creative endeavor, partner collaboration, and customer interaction remains safeguarded against evolving threats. At arenaflex, we believe that robust governance, risk management, and compliance (GRC) practices are not merely regulatory checkboxes—they are the foundation upon which trusted relationships and sustainable growth are built.

We are seeking a dedicated and experienced GRC professional to join our dynamic Cybersecurity team. This position offers the flexibility of remote work while engaging with complex, meaningful projects that protect arenaflex's vast ecosystem of partners, vendors, and internal operations. If you are passionate about cybersecurity, thrive in collaborative environments, and want to contribute to an organization that values both innovation and security, this opportunity is designed for you.

Position Overview

As a Cybersecurity GRC Specialist at arenaflex, you will play a pivotal role in guiding governance, risk, and compliance activities across the organization. You will be responsible for executing our Third-Party/Internal Threat Management (TPRM) program, supporting internal security compliance requirements, and ensuring adherence to global regulations, standards, and frameworks. Reporting directly to the Manager of Governance, Risk, and Compliance within our Cyber and Data Safety division, you will collaborate with cross-functional teams, business stakeholders, and external partners to identify, assess, and mitigate cybersecurity risks effectively.

The ideal candidate brings a balanced combination of technical knowledge, analytical thinking, and exceptional communication skills. You will be entrusted with shaping the future of our risk management practices, driving continuous improvement, and cultivating a culture of security awareness throughout the organization.

Key Responsibilities

Third-Party/Internal Threat Management (TPRM) Program

• Support arenaflex's global Third-Party/Internal Threat Management framework by conducting comprehensive cyber risk-related due diligence assessments.
• Validate incoming third-party and internal threat assessment requests, collaborating closely with business stakeholders to confirm request details and define the scope of each engagement.
• Facilitate kick-off sessions with business stakeholders and relevant third parties to initiate Third-Party Assessments (TPA) efficiently and professionally.
• Coordinate the distribution of due diligence questionnaires to internal stakeholders and external parties, carefully reviewing submitted responses for completeness and identifying risks arising from the design and operational effectiveness of internal or third-party security controls.
• Document assessment responses, associated findings, and remediation plans within arenaflex's internal systems, ensuring accurate record-keeping and traceability.
• Draft and review comprehensive assessment reports for completed evaluations, ensuring that relevant business stakeholders finalize their reviews in a timely manner.
• Serve as a strong liaison between business units, third parties, and the risk management team, addressing queries related to risk control methodology and assessment outcomes.
• Conduct continuous monitoring of third parties through arenaflex systems for current and emerging findings, tracking all identified issues to closure.
• Identify opportunities for improvement within arenaflex's TPRM systems, processes, and methodologies, proposing innovative solutions to enhance program effectiveness.
• Work closely with the Risk Lead/Supervisor to schedule and execute a variety of supporting activities related to the broader risk management program.

Governance, Risk, and Compliance Activities

• Lead and support the development of cybersecurity risk and compliance-related strategies to ensure the treatment of cybersecurity risks aligns with arenaflex's risk appetite and business objectives.
• Maintain and document compliance with information security-related guidelines and processes through planning, testing, remediation, tracking, and reporting on control reviews and risk assessments.
• Lead the development and delivery of compliance and risk education programs, fostering an ongoing culture of security awareness and compliance throughout the organization.
• Stay abreast of regulatory changes, new guidelines, emerging technologies, and internal policy modifications to proactively identify new key risk areas requiring attention.
• Lead initiatives to maintain and guide ISO 27001 compliance, ensuring that arenaflex continues to meet international standards for information security management.

Competencies and Attributes for Success

Knowledge and Competencies

• Outstanding stakeholder management skills with the ability to build trust and influence across all organizational levels.
• Working knowledge of information security-related best practices and standards, including ISO 2700x, SOC 2 requirements, SSAE 16/18 standards, and other relevant frameworks.
• Experience in the management of risk, controls, and compliance within complex organizational environments.
• Expertise in risk evaluation methodologies, encompassing both qualitative and quantitative approaches.
• Superior analytical and problem-solving abilities, with a keen eye for identifying patterns, anomalies, and potential vulnerabilities.
• Excellent presentation-making and delivery skills, capable of communicating complex technical information to diverse audiences.

Personal Attributes

• Strong interpersonal abilities that foster collaboration and positive working relationships.
• Capacity to navigate fast-paced environments and maintain flexibility with working hours when needed.
• Outstanding communication abilities, both verbal and written, with the ability to tailor messaging to different stakeholders.
• Adaptability to quickly respond to changing circumstances and drive high-quality organizational change.

Preferred Education and Experience

• Applicable Bachelor's or Master's degree from an accredited university, or equivalent professional experience in a related field.
• Minimum of four years of experience in third-party risk management, information security, and audit and compliance tracking, with at least two to three years specifically in TPRM or internal audit roles.
• Preferred experience working with a large multinational corporation and/or a Big Four accounting firm, bringing a deep understanding of enterprise-scale risk management.
• One or more professional credentials such as CISA (Certified Information Systems Auditor), CRISC (Certified in Risk and Information Systems Control), ISO 27001 Lead Auditor/Lead Implementer, or CISSP (Certified Information Systems Security Professional).
• Experience or familiarity with artificial intelligence and machine learning applications in cybersecurity is considered a significant plus.

Career Growth and Development Opportunities

At arenaflex, we are deeply committed to the professional development of our team members. Joining our cybersecurity division means gaining access to a wealth of learning resources, mentorship programs, and career advancement pathways. You will have the opportunity to:

• Work alongside seasoned cybersecurity professionals who are leaders in their fields.
• Participate in industry conferences, training workshops, and certification programs sponsored by arenaflex.
• Engage with cutting-edge technologies and methodologies that shape the future of cybersecurity.
• Progress into senior leadership roles within GRC, cybersecurity strategy, or specialized risk management domains.
• Contribute to thought leadership initiatives that influence industry best practices.

Work Environment and Company Culture

arenaflex fosters a culture of inclusivity, innovation, and continuous learning. Our remote work model is designed to support flexibility while maintaining strong team connectivity through regular virtual collaboration, team-building activities, and cross-functional projects. We celebrate diversity and believe that different perspectives drive better outcomes. Our team members enjoy an environment that values work-life balance, encourages open communication, and rewards initiative and creativity.

When you join arenaflex, you become part of a community that is passionate about making a difference. Whether through our corporate social responsibility programs, employee resource groups, or community outreach initiatives, you will find ample opportunities to contribute to causes that matter.

Compensation, Perks, and Benefits

This position offers a competitive annual salary of $80,000, commensurate with experience and qualifications. In addition to base compensation, arenaflex provides a comprehensive benefits package that may include:

• Comprehensive health, dental, and vision insurance plans.
• Generous paid time off, including vacation days, sick leave, and holidays.
• Retirement savings plans with company matching contributions.
• Professional development allowances for certifications, courses, and conferences.
• Flexible work arrangements that support remote work and work-life balance.
• Employee wellness programs, including mental health resources and fitness incentives.
• Access to exclusive arenaflex experiences, products, and partner discounts.

How to Apply

If you are ready to take the next step in your cybersecurity career and join a team that values your expertise, we encourage you to apply today. Become part of arenaflex and help us shape a safer, more secure digital future. Our hiring process is designed to be transparent, respectful, and focused on finding the right fit for both you and our organization.

Take the leap. Apply now and let your career journey with arenaflex begin.