Third Party Risk Management Specialist - Information Security

Third-Party Risk Management (TPRM) Specialist : Experience : Relevant experience in risk management, information security, or vendor management, with a focus on third-party risk. 1. Experience in TPRM- should be minimum of 3 years 2. Total experience: 4 Years 2. Experience in Cybersecurity should be there. 3. Certification in the relevant area desired (Like ISO 27001 lead auditor, etc) Summary : The Third-Party Risk Management (TPRM) Analyst is responsible for assessing and managing the risks associated with third-party relationships to ensure the security, integrity, and compliance of the organization's information and assets. The role involves evaluating third-party vendors, conducting risk assessments, implementing risk mitigation strategies, and maintaining ongoing monitoring processes. Key Responsibilities : 1. Third-Party Risk Assessments : - Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture. - Collaborate with various stakeholders to gather relevant information and assess the impact of third- party relationships on the organization. 2. Risk Identification and Analysis : - Identify and analyze potential risks associated with third-party relationships, considering factors such as cybersecurity, data privacy, compliance, and business continuity. - Evaluate the inherent and residual risks and communicate findings to relevant stakeholders. 3. Compliance Management : - Ensure third-party vendors comply with industry regulations, legal requirements, and organizational policies. - Stay updated on relevant regulatory changes and communicate the impact on third-party risk management processes. 4. Policy Development and Implementation : - Contribute to the development and enhancement of third-party risk management policies and procedures. - Implement and enforce risk management frameworks to ensure consistent and effective risk assessments. 5. Monitoring and Reporting : - Establish and maintain ongoing monitoring mechanisms for third-party relationships. - Generate and provide regular reports on the status of third-party risks, key performance indicators, and mitigation efforts. 6. Vendor Due Diligence : - Conduct due diligence activities, including vendor background checks, financial assessments, and evaluation of their security and privacy practices. - Collaborate with legal and procurement teams to ensure that contractual agreements include necessary security and compliance clauses. 7. Collaboration and Communication: - Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to ensure a comprehensive approach to third-party risk management. - Communicate effectively with third-party vendors to address and resolve identified risks. Qualifications : - Bachelor's degree in a related field - Certification in relevant areas such as ISO27001 will be preferred. (ref:hirist.tech)

Location: delhi, IN

Posted Date: 5/13/2025