Third-Party Risk Management Analyst

GRC Analyst

Pay Rate: $50-$60/hr DOE (W2 with benefits)

6-12 Month Contract. Possibility of extension or conversion to FTE.

Location: 100% Remote

Overview

Our client is seeking a Third-Party Risk Management Analyst to join its Governance, Risk & Compliance

(GRC) group. This role will support the assessment and ongoing risk management of third-party vendors

by reviewing security assurances, identifying gaps, and partnering with internal stakeholders to ensure

vendor risks are understood and appropriately managed.

The ideal candidate has hands-on experience conducting third-party risk assessments, reviewing industry-

standard security reports, and operating within structured risk workflows. Experience with content

security assessments in media environments and GRC tooling is a strong plus.

Responsibilities

• Perform third-party risk assessments across a diverse vendor ecosystem

• Review and evaluate security assurances including SOC 2 Type II, ISO 27001 Statements of

Applicability, and PCI AOCs

• Identify, document, and communicate vendor security risks and remediation requirements

• Manage intake, tracking, and workflow execution using Jira Service Manager

• Partner with internal teams to support risk-based decision-making and business enablement

• Contribute to reporting and metrics related to third-party risk posture

• Support or perform Content Security Assessments, including those aligned with the Motion

Picture Association Trusted Partner Network (TPN) framework (as applicable)

• Assist with administration, configuration, or design of workflows within GRC tools such as

ServiceNow GRC or OneTrust (as needed)

Requirements

• Experience performing third-party risk assessments in an enterprise environment

• Hands-on experience reviewing security assurance documentation (SOC 2 Type II, ISO 27001

SOA, PCI AOC)

• Familiarity with Jira Service Manager for intake and workflow management

• Strong understanding of information security risk and control frameworks

• Ability to clearly communicate risk findings to technical and non-technical stakeholders

• Comfortable working in a remote, fast-paced environment

Nice to Have

• Experience performing Content Security Assessments in media or entertainment environments

• Familiarity with the MPA Trusted Partner Network (TPN) security framework• Admin or design experience in ServiceNow GRC, OneTrust, or similar GRC platform

About Us:

At Brooksource, relationships are the foundation of everything we do. Since 2000, we’ve built lasting partnerships with clients, consultants, and internal teams to deliver an exceptional experience across every engagement. As a trusted IT and Engineering services provider, Brooksource supports Fortune 500 organizations through Experience-Driven Staffing, Professional Services, and Elevate, our proprietary Workforce Transformation program. Whether you're hiring for software development, cloud computing, cybersecurity, data analytics, or enterprise IT, our customized staffing solutions are designed to align with your company’s unique goals, culture, and technology stack. We offer flexible hiring models, including contract, contract-to-hire, and direct placement to meet your evolving business needs.

We are a certified partner of leading platforms, including Salesforce, AWS, Microsoft, and Google Cloud, enabling us to deliver scalable, end-to-end technology solutions. With a growing national footprint, Brooksource is redefining expectations in IT consulting, engineering services, and technology workforce solutions.

EEO Statement:

Brooksource is an equal opportunity employer that does not discriminate on the basis of actual or perceived race, color, creed, religion, national origin, ancestry, citizenship status, age, sex or gender (including pregnancy, childbirth, lactation and related medical conditions), gender identity or gender expression, sexual orientation, marital status, military service and veteran status, physical or mental disability, protected medical condition as defined by applicable state or local law, genetic information, or any other characteristic protected by applicable federal, state, or local laws and ordinances.

Benefits & Perks

Benefits & Perks: Brooksource offers competitive medical, dental, vision, Health Savings Account, Dependent Care FSA, and supplemental coverage with plans that can fit each employee’s needs. We offer a 401k plan that includes a company match and is fully vested after you become eligible, paid time off, sick time, and paid company holidays. We also offer an Employee Assistance Program (EAP) that provides services like virtual counseling, financial services, legal services, life coaching, etc.

Pay Disclaimer:

The pay range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.