TPRM (Third Party Risk Management)

We are hiring Third-Party Risk Management (TPRM) to join our team for Mumbai Location.

Experience: Relevant experience in risk management, information security, or vendor management, with

a focus on third-party risk.

1. Experience in TPRM- should be minimum of 3 years

2. Notice Period: Immediate to 30 Days

2. Experience in Cybersecurity should be there.

3. Certification in the relevant area desired (Like ISO 27001 lead auditor, etc)

Summary:

The Third-Party Risk Management (TPRM) Analyst is responsible for assessing and managing the risks

associated with third-party relationships to ensure the security, integrity, and compliance of the

organization's information and assets. The role involves evaluating third-party vendors, conducting risk

assessments, implementing risk mitigation strategies, and maintaining ongoing monitoring processes.

Key Responsibilities:

1. Third-Party Risk Assessments:

- Conduct thorough assessments of potential and existing third-party vendors to evaluate their security

controls, data protection practices, and overall risk posture.

- Collaborate with various stakeholders to gather relevant information and assess the impact of third-

party relationships on the organization.

2. Risk Identification and Analysis:

- Identify and analyze potential risks associated with third-party relationships, considering factors such

as cybersecurity, data privacy, compliance, and business continuity.

- Evaluate the inherent and residual risks and communicate findings to relevant stakeholders.

3. Compliance Management:

- Ensure third-party vendors comply with industry regulations, legal requirements, and organizational

policies.

- Stay updated on relevant regulatory changes and communicate the impact on third-party risk

management processes.

4. Policy Development and Implementation:

- Contribute to the development and enhancement of third-party risk management policies and

procedures.

- Implement and enforce risk management frameworks to ensure consistent and effective risk

assessments.

5. Monitoring and Reporting:

- Establish and maintain ongoing monitoring mechanisms for third-party relationships.

- Generate and provide regular reports on the status of third-party risks, key performance indicators, and

mitigation efforts.

6. Vendor Due Diligence:

- Conduct due diligence activities, including vendor background checks, financial assessments, and

evaluation of their security and privacy practices.

- Collaborate with legal and procurement teams to ensure that contractual agreements include

necessary security and compliance clauses.

7. Collaboration and Communication:

- Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to

ensure a comprehensive approach to third-party risk management.

- Communicate effectively with third-party vendors to address and resolve identified risks.

Qualifications and Skills:

- Bachelor's degree in a related field (e.g., Information Security, Risk Management, Business

Administration).

- Certification in relevant areas such as ISO27001 will be preferred.

- Knowledge of third-party risk management frameworks, industry standards, and regulatory

requirements.

- Strong analytical and problem-solving skills with attention to detail.

- Excellent communication and interpersonal skills.

- Experience with vendor risk management platforms is a plus.

- Ability to work independently and collaboratively in a team environment.

*Only Local Candidates are preferred from Mumbai.

This is NOT a work from home opportunity. The selected candidate will be required to work from the

office only.