TPRM Lead

Job Description – TPRM Lead (with Data Privacy Exposure)

Designation: TPRM Lead

Location: Bangalore

Experience Required: 6+ years

Priority: Immediate Joiner

Role Overview

We are seeking an experienced Third-Party Risk Management (TPRM) Lead with exposure to Data Privacy compliance. The candidate will be responsible for managing end-to-end TPRM programs, ensuring compliance with regulatory requirements, and integrating data privacy controls into vendor risk processes.

Key Responsibilities

• Lead and manage the Third-Party Risk Management lifecycle (onboarding, due diligence, risk assessments, monitoring, and offboarding).
• Conduct third-party risk and privacy impact assessments covering cybersecurity, operational, financial, and data protection risks.
• Design and implement governance frameworks, policies, and procedures for vendor risk management.
• Collaborate with legal, compliance, procurement, IT security, and data privacy teams to ensure vendor compliance.
• Track and report third-party risk metrics to senior stakeholders.
• Stay updated on regulatory requirements such as ISO 27001, GDPR, PDPB, CCPA, HIPAA, and NIST frameworks.
• Mentor junior team members and lead TPRM-related audits and remediation activities.

Qualifications & Skills

• 6+ years of experience in TPRM, Risk Management, or Vendor Risk.
• Strong understanding of data privacy regulations (GDPR, PDPB, CCPA, etc.) and how they apply to vendor relationships.
• Knowledge of GRC platforms and vendor risk tools.
• Excellent stakeholder management, communication, and leadership skills.
• Certifications preferred: CISA, CISM, CRISC, ISO 27001 Lead Auditor, CIPP/E, DCPP.
• Immediate joiner will be given priority.