TPRM Manager/ Senior Manager

Job Title: Third Party Risk Management (TPRM) Consultant / Senior Consultant

Location: Bangalore

Experience: 6+ Years

Joining: Early joiners preferred

About the Role

We are looking for an experienced TPRM professional with strong expertise in GRC, ISMS, ISO 27001, and Integrated Risk Management (IRM) to support and strengthen third-party risk governance. The role involves assessing vendor risks, implementing security and compliance frameworks, and ensuring alignment with global information security standards.

Key Responsibilities

• Manage and execute the Third-Party Risk Management (TPRM) lifecycle, including onboarding, risk assessment, monitoring, and remediation.
• Conduct vendor security assessments and due diligence reviews based on industry frameworks and regulatory requirements.
• Support implementation and monitoring of Information Security Management Systems (ISMS) aligned with ISO standards.
• Perform third-party risk assessments covering cybersecurity, data privacy, operational risk, and regulatory compliance.
• Work closely with internal stakeholders to evaluate vendor risk posture and ensure appropriate controls are implemented.
• Maintain and enhance GRC frameworks and risk registers related to third-party engagements.
• Assist in the implementation and optimization of Integrated Risk Management (IRM) platforms/tools.
• Track remediation actions and follow up with vendors to close identified security gaps.
• Prepare risk reports, dashboards, and presentations for leadership and audit teams.
• Support internal and external audits related to vendor risk, information security, and compliance.

Required Skills & Experience

• 6+ years of experience in Third-Party Risk Management, Information Security, or GRC roles.
• Strong understanding of GRC frameworks, ISMS implementation, and ISO 27001 controls.
• Experience performing vendor risk assessments, due diligence reviews, and security questionnaires.
• Hands-on exposure to IRM platforms or risk management tools.
• Familiarity with security and compliance frameworks such as ISO 27001, NIST, and SOC frameworks.
• Strong analytical, documentation, and stakeholder management skills.
• Experience working with cross-functional teams including security, legal, procurement, and compliance.

Preferred Certifications

• ISO 27001 Lead Implementer / Lead Auditor
• CISA / CRISC / CISM / CISSP (preferred but not mandatory)

Additional Information

• Location: Bangalore
• Early joiners will be given preference.