All roles

Open role

GRC Analyst (Third-Party & Client Questionnaire Management)

Remote · Indonesia Full-time

GRC Analyst (Third-Party & Client Questionnaire Management) The GRC Analyst – Third-Party & Client Questionnaire Management is responsible for supporting and managing security, risk, compliance, and due diligence questionnaires received from clients, prospects, vendors, and business partners. This role serves as a subject matter resource for industry-standard compliance frameworks and plays a critical role in ensuring responses are accurate, consistent, auditable, and aligned with the organization's approved control language and evidence. The position emphasizes GRC platform enablement, automation, quality assurance, and continuous improvement to streamline questionnaire response processes, reduce cycle times, and support the organization's overall risk and compliance posture. Essential Functions

  • Support the completion of security, risk, compliance, and due diligence questionnaires from clients, prospects, vendors, and partners.
  • Serve as a subject matter resource for responding to questionnaires related to HITRUST, PCI DSS, SOC 2, NCQA, and general security and privacy controls.
  • Coordinate with internal stakeholders, including IT, Security, Compliance, Legal, and Operations, to validate questionnaire responses and obtain supporting documentation or evidence.
  • Ensure all responses are accurate, consistent, current, and aligned with approved control language, policies, and audit artifacts.
  • Manage timelines and prioritize questionnaire requests to meet internal and external deadlines.

GRC Platform Enablement & Automation

  • Configure, maintain, and enhance questionnaire libraries within the GRC platform to support automated and semi-automated responses.
  • Map questionnaire questions to existing controls, policies, procedures, and evidence within the GRC system to enable reuse, consistency, and standardization.
  • Continuously enhance automation rules and response logic to reduce manual effort and improve response turnaround time.
  • Review system-generated responses for accuracy, completeness, and appropriateness prior to submission.
  • Maintain version control and approval workflows for standardized questionnaire responses.
  • Track questionnaire requests, response status, and performance metrics through the GRC tool.

Quality Assurance & Continuous Improvement

  • Perform periodic reviews of standardized questionnaire content to ensure alignment with current control posture, certifications, and audit outcomes.
  • Update approved responses following control changes, audit findings, framework updates, or regulatory changes.
  • Identify recurring questions, inefficiencies, or content gaps and proactively address them through control enhancements, documentation updates, or process improvements.
  • Provide reporting and metrics to leadership on questionnaire volume, turnaround time, automation effectiveness, and emerging risk trends.
  • Support continuous improvement initiatives related to third-party risk management, client assurance, and compliance operations.

Minimum Requirements

  • Minimum of 2 years of experience in Governance, Risk, and Compliance (GRC), information security, third-party risk management, or compliance operations.
  • Demonstrated experience completing and managing security, risk, compliance, and due diligence questionnaires for clients, prospects, vendors, or partners.
  • Working knowledge of common compliance and assurance frameworks, including HITRUST, SOC 2, PCI DSS, NCQA, and general security and privacy control frameworks.
  • Experience coordinating with cross-functional stakeholders (e.g., IT, Security, Compliance, Legal, Operations) to validate responses and obtain supporting evidence.
  • Hands-on experience using a GRC platform to manage controls, evidence, workflows, and questionnaire responses.
  • Ability to ensure accuracy, consistency, and version control of standardized responses and supporting documentation.
  • Strong written communication skills with the ability to clearly articulate technical and control-related concepts to internal and external audiences.
  • Strong organizational skills and the ability to manage multiple questionnaire requests and deadlines simultaneously.
  • Proficiency with standard business tools, including Microsoft Office or Google Workspace.

Education: Bachelor's degree in Information Security, Risk Management, Business, Information Systems, or a related field, or equivalent professional experience. Experience: 2–5 years of experience in GRC, information security, compliance, risk management, or third-party risk management. RevSpring is an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.

More open positions

Lead Technical GRC Analyst (Governance)

Work from home Full-time role

Analyst, Case Management (Field – Must reside in Will or Kendall County, IL or surrounding areas)

Work from home Full-time role

Presales Endpoint Security Solution Architect

Work from home Full-time role

Cyber Security GRC Analyst with state govt exp - $64 CTC - REMOTE (Candidates in the EST & CST zones)

Work from home Full-time role

Junior Governance, Risk & Compliance Analyst

Work from home Full-time role

[Remote] Manager Inside Sales Support - Chicago

Work from home Full-time role

VP, Consumer Claims

Work from home Full-time role

[Remote] Machine Learning Engineer

Work from home Full-time role

Technical Writer (Remote - US)

Work from home Full-time role

Sourcing & Procurement Analyst (Hybrid)

Work from home Full-time role

Lead Solutions Engineer (Remote)

Work from home Full-time role

Sales Representative

Work from home Full-time role

Senior Integrated Healthcare Manager, Neuropsychiatry - NE England, Scotland & Northern Ireland

Work from home Full-time role

Experienced Customer Support Specialist – Email, Chat, and Phone (Remote) – Urgent Hiring Opportunity

Work from home Full-time role

Entry-Level Medical Transcription Jobs from Home with Paid Training

Work from home Full-time role

Temporary Account Executive - Greater Grand Rapids, MIchigan (6 month position)

Work from home Full-time role

Steuerfachkraft (m/w/d) in Erkenbrechtsweiler mindestens 52.000€ - 100% Remote möglich

Work from home Full-time role

Strategic Account Executive II

Work from home Full-time role

Experienced Hybrid Customer Care Specialist I - Residential

Work from home Full-time role

Data Entry Jobs with American Express: Work from Home Opportunity-Remote

Work from home Full-time role

SEO Specialist

Work from home Full-time role