The Role
The Cybersecurity Analyst will support Third-Party Risk Management and Vendor Risk Assessments, conduct risk assessments, monitor third-party risks, and maintain accurate documentation. The role involves creating reports, enhancing risk metrics, supporting audits, and participating in GRC activities.
Summary Generated by Built In
Work with a Top 20 CPA and advisory firm that Accounts for Anything. Aprio has 40 U.S. office locations, as well as international office locations and more than 3,200 team members that speak 60+ languages across the globe. By bringing together proven expertise, deep understanding, and strategic foresight for fast-growing industries, Aprio ensures clients are prepared for wherever life or business may take them. Discover a top-rated culture, vast growth opportunities and your next big career move with Aprio.
Join Aprio's Business Operations IT team and you will help clients maximize their opportunities. Aprio is a progressive, fast-growing firm looking for a Cybersecurity Analyst to join their dynamic team.
We are seeking a highly motivated GRC Analyst to support our Third-Party Risk Management (TPRM) and Vendor Risk Assessment program. This role is critical to ensuring that third-party risks are identified, assessed, monitored, and reported effectively across the organization. The ideal candidate brings hands-on experience with third-party assessments, strong analytical and reporting skills, and the ability to learn and adapt quickly in a dynamic environment. In addition to vendor risk responsibilities, the analyst will support other GRC activities as business needs evolve.
Position Responsibilities:
- Execute end-to-end third-party and vendor risk assessments, including inherent risk scoring, due diligence reviews, and residual risk evaluation
- Review and analyze third-party artifacts such as SOC reports, ISO certifications, policies, procedures, and security questionnaires
- Identify control gaps, document risk issues, and track remediation activities with vendors and internal stakeholders
- Support onboarding of new vendors and periodic reassessments of existing third parties
- Maintain accurate third-party risk documentation in GRC or vendor risk management tools
- Develop, maintain, and enhance risk metrics, dashboards, and reporting for third-party risk
- Track key performance indicators (KPIs) and key risk indicators (KRIs) related to vendor risk, assessment cycle times, remediation status, and risk trends
- Prepare materials for leadership and executive-level reporting, translating risk data into clear, actionable insights
- Support audits, regulatory exams, and internal reviews related to third-party risk management
- Assist with additional GRC activities as needed, including policy management, risk assessments, control testing, and compliance initiatives
- Support alignment with recognized frameworks and standards (e.g., NIST CSF, ISO 27001, SOC, FFIEC, or similar)
- Participate in continuous improvement of GRC processes, templates, and methodologies
- Collaborate with cross-functional teams including Security, IT, Legal, Procurement, Privacy, and Business Owners
Third-Party & Vendor Risk Management
Reporting, Metrics & Executive Support
Broader GRC Support
Required Qualifications:
- 2+ years of experience in Third-Party Risk Management, Vendor Risk Assessments, or GRC-related roles
- Demonstrated experience conducting or supporting third-party risk assessments
- Strong understanding of information security and risk management concepts
- Proven ability to produce clear reporting, metrics, and dashboards
- Strong analytical, organizational, and documentation skills
- Ability to learn quickly, adapt to changing priorities, and manage multiple assessments simultaneously
- Effective written and verbal communication skills
Preferred Qualifications
- Experience with GRC or TPRM tools (e.g., Archer, ServiceNow GRC, OneTrust, Riskonnect, or similar)
- Familiarity with regulatory and industry standards impacting third-party risk
- Experience supporting audits or regulatory examinations
- Relevant certifications (e.g., CISA, CRISC, CISSP, CTPRP, or similar)
The application window is anticipated to close on 6/5/26 and may be extended as needed.
Why work for Aprio:
Whether you are just starting out, looking to advance into management or searching for your next leadership role, Aprio offers an opportunity to grow with a future-focused, innovative firm.
Perks/Benefits we offer for full-time team members:
- Medical, Dental, and Vision Insurance on the first day of employment
- Flexible Spending Account and Dependent Care Account
- 401k with Profit Sharing
- 9+ holidays and discretionary time off structure
- Parental Leave – coverage for both primary and secondary caregivers
- Tuition Assistance Program and CPA support program with cash incentive upon completion
- Discretionary incentive compensation based on firm, group and individual performance
- Incentive compensation related to origination of new client sales
- Top rated wellness program
- Flexible working environment including remote and hybrid options
What’s in it for you:
- Working with an industry leader: Be part of a high-growth firm that is passionate for what’s next.
- An awesome culture: Thirty-one fundamental behaviors guide our culture every day ensuring we always deliver an exceptional team-member and client experience. We call it the Aprio Way. This shared mindset creates lasting relationships between team members and with clients.
- A great team: Work with a high-energy, passionate, caring and ambitious team of professionals in a collaborative culture.
- Entrepreneurship: Have the freedom to innovate and bring your ideas to help us grow to become the CPA firm of choice nationally.
- Growth opportunities: Grow professionally in an environment that fosters continuous learning and advancement.
- Competitive compensation: You will be rewarded with competitive compensation, industry-leading benefits and a flexible work environment to enjoy work/life balance.
EQUAL OPPORTUNITY EMPLOYER
Aprio is an Equal Opportunity Employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race; color; religion; national origin; sex; pregnancy; sexual orientation; gender identity and/or expression; age; disability; genetic information, citizenship status; military service obligations or any other category protected by applicable federal, state, or local law.
Aprio, LLP and Aprio Advisory Group, LLC, operate in an alternative business structure, with Aprio Advisory Group, LLC providing non-attest tax and consulting services, and Aprio, LLP providing CPA firm services.
Top Skills
Archer
Ffiec
Grc
Iso 27001
Nist Csf
Onetrust
Riskonnect
Servicenow Grc
Soc
Tprm
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Aprio is a premier CPA and business advisory firm that advises clients and associates on how to achieve what’s next. Aprio’s associates work as integrated teams across advisory, assurance, tax, outsourcing, staffing and private client services, bringing the best thinking and personal commitment to each client. Across practices, Aprio brings together proven expertise, deep understanding and strategic foresight for industries including Manufacturing and Distribution; Non-Profit and Education; Professional Services; Real Estate and Construction; Retail, Franchise and Hospitality; and Technology and Blockchain. Headquartered in Atlanta, Georgia, Aprio has grown to over 1,000+ team members. To serve clients wherever life or business may take them, Aprio’s teams speak more than 30 languages and work with clients in over 50 countries.
