TPRM {Third-Party Risk Management }Consultant \Lead

Job Title: Third-Party Risk Management (TPRM) Consultant Lead

Company: CyberAssure--https://cyberassure.one/

Years of Experience:7-12 years+

Location: Sohna road , sector 49, Gurgaon

Package: 15-22 lacs

Summary:

The Third-Party Risk Management (TPRM) Analyst is responsible for assessing and managing the risks associated with third-party relationships to ensure the security, integrity, and compliance of the organisation's information and assets. The role involves evaluating third-party vendors, conducting risk assessments, implementing risk mitigation strategies, and maintaining ongoing monitoring processes.

Key Responsibilities:

1. Third-Party Risk Assessments:

-Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture.

-Collaborate with various stakeholders to gather relevant information and assess the impact of third-party relationships on the organisation.

2. Risk Identification and Analysis:

-Identify and analyse potential risks associated with third-party relationships, considering factors such as cybersecurity, data privacy, compliance, and business continuity.

-Evaluate the inherent and residual risks and communicate findings to relevant stakeholders.

3. Compliance Management:

-Ensure third-party vendors comply with industry regulations, legal requirements, and organisational policies.

-Stay updated on relevant regulatory changes and communicate the impact on third-party risk management processes.

4. Policy Development and Implementation:

-Contribute to the development and enhancement of third-party risk management policies and procedures.

-Implement and enforce risk management frameworks to ensure consistent and effective risk assessments.

5. Monitoring and Reporting:

-Establish and maintain ongoing monitoring mechanisms for third-party relationships.

-Generate and provide regular reports on the status of third-party risks, key performance indicators, and mitigation efforts.

6. Vendor Due Diligence:

-Conduct due diligence activities, including vendor background checks, financial assessments, and evaluation of their security and privacy practices.

-Collaborate with legal and procurement teams to ensure that contractual agreements include necessary security and compliance clauses.

7. Collaboration and Communication:

-Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to ensure a comprehensive approach to third-party risk management.

-Communicate effectively with third-party vendors to address and resolve identified risks.

Qualifications and Skills:

-Bachelor's degree in a related field (e.g., Information Security, Risk Management, Business Administration).

-Certification in relevant areas, such as ISO:27001.

-Knowledge of third-party risk management frameworks, industry standards, and regulatory requirements.

-Strong analytical and problem-solving skills with attention to detail.

-Excellent communication and interpersonal skills.

-Experience with vendor risk management platforms is a plus.

-Ability to work independently and collaboratively in a team environment.

Experience:Relevant experience in risk management, information security, or vendor management, with a focus on third-party risk.

• Certification - ISO 27001 lead auditor is mandatory

Share Ur latest CV with details like-

1. Ctc

2. Expectation

3. Notice period

Regards,

Rajesh Kumar

AAYAM CONSULTANTS

Cell: - 9311232179/ 7011595674

Email id: - [HIDDEN TEXT]