About The Position

As CohnReznick grows, so do our career opportunities. As one of the nation’s top professional services firms, CohnReznick creates rewarding careers in advisory, assurance, and tax with team members who value innovation and collaboration in everything they do! CohnReznick helps organizations optimize performance, manage risk, and maximize value through CohnReznick LLP (assurance services) and CohnReznick Advisory LLC (advisory and tax services). Together, the firm provides leaders with deep industry knowledge and relationships, solutions to address clients’ unique business goals and risks, and insight on how emerging market forces can drive opportunity. With offices nationwide, the firm serves organizations around the world as an independent member of Nexia.

We currently have an exciting career opportunity for a Governance, Risk, and Compliance Senior Specialist to join our Legal & Risk team.

CohnReznick is a hybrid firm and most of our professionals are located within a commutable distance to one of our offices. This position is considered remote which means it does not require job duties be performed within proximity of a CohnReznick office location. However, as a remote employee, you may be required to be present at a CohnReznick office with scheduled notice for client work, team meetings, or trainings.

YOUR TEAM.

This position will support our Governance, Risk & Compliance team. The Governance, Risk, and Compliance Senior Specialist is responsible for actively supporting and enhancing the organization’s security and compliance initiatives. The Senior Specialist will serve as a key contributor to both security awareness training and third-party risk management programs.

WHY COHNREZNICK?

At CohnReznick, we’re united by a common mission to create opportunity, value, and trust for our clients, our people, and our communities. Whether it’s working alongside your peers to solve a client challenge, or volunteering together at the local food bank, there are so many ways to find your “why” at the firm. We believe it’s important to balance work with everyday life – and make time for enjoyment and fun. We invest in a robust Total Rewards package that includes everything from generous PTO, a flexible work environment, expanded parental leave, extensive learning & development, and even paid time off for employees to volunteer.

YOUR ROLE.

Requirements

  • Proven ability to manage multiple projects and meet deadlines in a dynamic environment.
  • Strong interpersonal skills and the ability to work collaboratively across teams and with external vendors.
  • Highly organized; capable of prioritizing and executing tasks efficiently in a fast-paced environment with the ability to manage time effectively.
  • Capable of handling issues involving confidentiality and discretion in a mature professional manner.
  • Strong written and verbal communication skills, with the ability to translate technical and compliance concepts for non-technical audiences.
  • Working knowledge of third-party risk management concepts (e.g., due diligence, risk tiering, remediation tracking) and the ability to learn internal methodologies quickly.
  • Proficiency with Microsoft Office tools (Excel, PowerPoint, Word) and experience maintaining trackers, dashboards, and status reporting.
  • Experience reviewing vendor security documentation (e.g., SOC reports, security questionnaires) and summarizing findings for stakeholders.
  • Ability to document processes and maintain clear audit-ready evidence (e.g., screenshots, approvals, and assessment artifacts).
  • Strong analytical and problem-solving skills, with attention to detail when assessing risk, exceptions, and remediation plans.
  • Comfort working with cross-functional partners (IT, Security, Procurement, Legal) to drive vendor follow-ups and close action items.

Nice To Haves

  • Bachelor’s degree in Information Technology, Business Administration, or related field, or 3-5 years of equivalent experience.
  • Third-Party Risk Management program implementation experience, a plus.
  • Business Resiliency experience or related experience, a plus.
  • Familiarity with security frameworks (e.g., NIST, ISO 27001) and regulatory standards (e.g., PCI, HIPAA).

Responsibilities

  • Conduct third-party risk assessments, analyzing vendor practices to identify and mitigate potential risks.
  • Manage and maintain dashboards, trackers, and logs for compliance activities, including risk assessments and training metrics.
  • Review and recommend updates to standard operating procedures related to IT governance, security awareness, and vendor risk management.
  • Serve as a point of contact for internal and external stakeholders on third-party compliance matters and security awareness initiatives.
  • Provide insights and recommendations for process improvements and contribute to the development of automation tools for tracking compliance metrics.
  • Act as back-up support for distributing security awareness training communications as needed.
  • Coordinate vendor information requests and follow-ups, ensuring timely collection of security artifacts and responses to questionnaires.
  • Track third-party remediation items and exceptions, preparing status updates and escalating risks when appropriate.
  • Support periodic reporting (e.g., program metrics, trends, and key risks) for leadership and governance forums.
  • Assist with policy, standard, and control documentation by gathering evidence and maintaining organized, audit-ready records.
  • Partner with Procurement, Legal, IT, and Information Security to align third-party reviews with contracting and onboarding timelines.

Benefits

  • generous PTO
  • a flexible work environment
  • expanded parental leave
  • extensive learning & development
  • paid time off for employees to volunteer

What This Job Offers

Job Type

Full-time

Career Level

Mid Level

Number of Employees

1,001-5,000 employees