TPRM Consultant

3 weeks ago


Tirupati, Andhra Pradesh, India | Cubical Operations LLP | Full time

Job Title: TPRM Manager

Location: Bangalore and Gurgaon (Work From Office)

Experience: 2+ Years

Employment Type: Full-Time

Job Summary:

We are seeking an experienced and proactive Third Party Risk Management (TPRM) Consultant to join our growing risk and compliance team. The ideal candidate will be responsible for managing the end-to-end third-party risk lifecycle, driving compliance with regulatory and organizational standards, and collaborating with cross-functional teams to ensure robust information security and risk management practices.

Key Responsibilities:

  • Lead and manage third-party risk assessments across vendors, service providers, and partners.
  • Evaluate vendor controls around cybersecurity, data privacy, compliance, and operational risk.
  • Collaborate with procurement, legal, IT security, and business teams to ensure third-party risks are identified, assessed, monitored, and mitigated effectively.
  • Ensure compliance with ISO 27001, regulatory requirements, and internal GRC frameworks.
  • Develop and maintain TPRM documentation, policies, processes, and metrics.
  • Work closely with audit and compliance teams for periodic reviews, internal audits, and external regulatory audits.
  • Monitor vendor performance and maintain an updated risk register.
  • Conduct control testing, review vendor SOC reports, and track remediation plans for non-compliance or control gaps.
  • Provide training and awareness sessions on third-party risk, GRC, and IT security standards to stakeholders.

Required Skills and Experience:

  • Minimum 2 years of hands-on experience in Third Party Risk Management (TPRM).
  • Strong knowledge of GRC frameworks, ISO 27001, IT Audit, and Network Security.
  • Experience with cloud security and assessing cloud-based vendors (AWS, Azure, GCP).
  • Familiarity with regulatory frameworks such as GDPR, RBI, SEBI, etc.
  • Experience in risk assessment methodologies, control frameworks (NIST, COBIT), and issue tracking/remediation processes.
  • Strong stakeholder management, analytical thinking, and problem-solving skills.
  • Excellent communication, documentation, and presentation skills.

Preferred Qualifications:

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Certifications such as CISA, CRISC, ISO 27001 Lead Auditor/Implementer, CISSP, or similar are a plus.
  • Prior experience working in BFSI, IT/ITES, or consulting firms will be advantageous.

Immediate joiners preferred.