As a tech-savvy GRC team member, the Technical GRC Specialist will play a pivotal role in managing third-party vendor and service provider risks, necessitating a deep understanding of cloud, IT, and security principles. The role demands close collaboration with various departments to assess, monitor, and report on risks, safeguarding operations and upholding industry standards. Responsibilities include tracking and addressing high-priority findings with vendors, communicating with technical vendor representatives, implementing new features, troubleshooting, and collaborating with engineering teams to enhance the system.
Qualifications:
- 2+ years of experience supporting the TPRM function.
- Compliance knowledge: Familiar with SOC2, ISO 27001:2022, ISO 27017, ISO 27018, data security, contract terms, disaster recovery, and insurance.
- Technical proficiency: Strong understanding of cloud technologies (AWS, Google Workspace), version control (GitHub), and enterprise apps (Salesforce).
- TPRM & SSPM expertise: Experience with TPRM tools (Panorays, Rescana) and SSPM tools (Wing Security, Grip Security).
- Security knowledge: Familiar with security best practices, access control models, vulnerabilities, and analyzing Penetration Testing, SOC 2 Type 2, and PCI AOC reports.
- Analytical skills: Able to analyze complex data, identify patterns, and draw conclusions.
- Communication: Excellent written and verbal skills, with the ability to communicate technical information to both technical and non-technical audiences.
- Problem-solving: Strong troubleshooting skills and ability to develop effective solutions.
Bonus points:
- Experience in handling 3rd party risk assessments with technical orientation.
- Experience in a SaaS technologies company.
A day in the life and how you’ll make an impact:
- Coordinate with vendor owners to complete questionnaires and submit required documentation for third-party risk assessments.
- Provide guidance to vendor owners by asking questions, analyzing feedback, and extracting useful information.
- Ensure due diligence, risk assessments, and stakeholder communications are documented per Melio’s policies and guidelines.
- Oversee risk assessments for new and ongoing third-party relationships in line with Melio’s TPRM and Enterprise Risk Management Frameworks.
- Support audit reviews, regulatory exams, and internal risk assessments.
- Assist in TPRM training and awareness initiatives across the organization.
- Track, analyze, and prioritize findings from system reviews and security assessments; collaborate with vendors on timely remediation.
- Maintain effective communication with technical vendor representatives to address security concerns and drive remediation.
- Conduct third-party security evaluations for new systems based on organizational needs.
- Troubleshoot technical issues and integrate new plugins into the GRC system; implement features to improve GRC processes and security.
About the hiring department:
Our Security department protects the organization's valuable data and systems from cyber threats. We ensure confidentiality, integrity, and availability of critical information through a combination of technology, processes, and expertise. We are a team of dedicated professionals driven by a shared mission: to be the safest, most secure payment platform.
About Melio:
Melio builds business-to-business (B2B) payment tools so small business owners can spend less time in the back office and more time on their craft. As the fastest-growing B2B payment platform in the US, Melio is working hard to find new and better ways to help small businesses succeed in the ways that work best for them.
With offices in New York and Tel Aviv, and a vibrant work culture, Melio is expanding every single day. We are a diverse group of people who love what we do and do what we love. If you are a driven and passionate team player, you will fit right in. We are an equal-opportunity employer and are always on the lookout for top-notch talent—please reach out if you would like to join us on this exciting journey!
Top Skills
What We Do
When we started Melio, we wanted to totally reinvent the way businesses pay each other. More than an efficient accounts payable tool, we’ve created a digital B2B payment platform that not only saves time but also improves cash flow. With Melio, you choose exactly how you pay and get paid, and stay on top of invoices for good. Every transaction is simple and seamless. We’re proud to help our growing community of businesses spend more time with their customers—and less time with their books.
Why Work With Us
Our culture and people are our top priorities. We champion a team that fosters DEI in all aspects. Our #TeaMelio is made up of hardworking go-getters, and we love to celebrate the successes of our team. and the continued success of our growing company! Melio fosters collaboration and transparency both internally and externally.