TPRM Manager – Cybersecurity & Technology Risk

Job Description

Job Title: TPRM Manager Cybersecurity & Technology Risk

Location: Ahmedabad, India

Experience: 7+ Years

Department: Technology Risk, Cybersecurity & TPRM Consulting

Reporting To: Regional Partner / Director Technology Risk & Cybersecurity

Notice Period: Early joiners preferred

Role Overview

We are seeking a highly capable and self-driven TPRM Manager to establish and scale the Third Party Risk Management practice in Ahmedabad . This is a leadership role in a growing geography, requiring independent ownership of client engagements, end-to-end vendor risk assessments, stakeholder management, and contribution to regional practice and revenue growth.

The ideal candidate will have strong expertise in TPRM, IT Risk Management, and Information Security , with hands-on experience in vendor assessments, control evaluations, and regulatory compliance across BFSI and regulated industries.

Key Responsibilities

1. Client & Engagement Management

• Independently lead TPRM engagements for clients across BFSI, Telecom, Manufacturing, Healthcare, and GCCs.
• Act as the single point of contact for TPRM engagements in the Ahmedabad region.
• Build trusted relationships with CXOs, CISOs, Procurement Heads, Compliance, and Internal Audit leaders .
• Plan, scope, and execute third-party risk assessments aligned with industry standards and regulatory expectations.
• Review assessment reports, risk ratings, and remediation plans to ensure quality, consistency, and timely delivery .

2. TPRM & Risk Assessment Delivery

• Conduct end-to-end vendor risk assessments , including inherent risk scoring and residual risk evaluation.
• Assess third-party controls across:
• Information Security & Cybersecurity
• IT General Controls (ITGC)
• Data Privacy & Regulatory Compliance
• Business Continuity & Disaster Recovery (BCP/DR)
• Cloud and Outsourced Service Providers
• Perform SOC 1 / SOC 2 report reviews , control gap analysis, and risk acceptance recommendations.
• Evaluate compliance with frameworks and regulations such as ISO 27001, NIST CSF, CIS Controls, RBI, SEBI, GDPR, and local data protection requirements .
• Coordinate with specialist teams for VAPT, cloud security, and privacy assessments where required.

3. Stakeholder & Team Leadership

• Collaborate with internal stakeholders including partners, service line leaders, legal, compliance, and delivery teams across regions.
• Provide technical guidance, mentoring, and quality reviews for junior consultants and analysts.
• Represent the Ahmedabad location in regional TPRM capability-building initiatives and leadership forums .

4. Business Development & Market Growth

• Identify and develop opportunities in TPRM, vendor risk, and digital trust services .
• Support proposal development, RFP responses, and client presentations .
• Participate in industry forums, client workshops, and thought leadership initiatives focused on third-party risk.
• Contribute to regional revenue targets and help build a local TPRM client portfolio .

Qualifications & Experience

• Education: B.E./B.Tech in Computer Science, IT, or related discipline (MBA preferred).
• Experience:
• 7+ years of experience in TPRM, IT Risk, Cybersecurity, or Technology Risk Consulting .
• Hands-on experience in vendor risk assessments, SOC report reviews, and regulatory compliance .
• Proven ability to manage end-to-end client engagements independently .
• Exposure to business development and client acquisition is a strong advantage.

Certifications (Preferred)

• CISA
• CISM
• ISO 27001 Lead Auditor
• CRISC
• Third Party Risk / Vendor Risk certifications
• Data Privacy certifications (preferred)

Core Skills & Competencies

• Strong understanding of TPRM lifecycle , inherent risk scoring, due diligence, and continuous monitoring.
• Working knowledge of ISO 27001, NIST CSF, CIS Controls, COBIT, RBI & SEBI guidelines , and global regulatory expectations.
• Ability to translate vendor control gaps into business and regulatory risk .
• Excellent communication, presentation, and stakeholder management skills.