TPRM Manager – Cybersecurity

Job DescriptionJob Title: TPRM Manager – Cybersecurity & Technology Risk Location: Ahmedabad, India Experience: 7+ Years Department: Technology Risk, Cybersecurity & TPRM Consulting Reporting To: Regional Partner / Director – Technology Risk & Cybersecurity Notice Period: Early joiners preferredRole OverviewWe are seeking a highly capable and self-driven TPRM Manager to establish and scale the Third Party Risk Management practice in Ahmedabad. This is a leadership role in a growing geography, requiring independent ownership of client engagements, end-to-end vendor risk assessments, stakeholder management, and contribution to regional practice and revenue growth.The ideal candidate will have strong expertise in TPRM, IT Risk Management, and Information Security, with hands-on experience in vendor assessments, control evaluations, and regulatory compliance across BFSI and regulated industries.Key Responsibilities1. Client & Engagement ManagementIndependently lead TPRM engagements for clients across BFSI, Telecom, Manufacturing, Healthcare, and GCCs.Act as the single point of contact for TPRM engagements in the Ahmedabad region.Build trusted relationships with CXOs, CISOs, Procurement Heads, Compliance, and Internal Audit leaders.Plan, scope, and execute third-party risk assessments aligned with industry standards and regulatory expectations.Review assessment reports, risk ratings, and remediation plans to ensure quality, consistency, and timely delivery.2. TPRM & Risk Assessment DeliveryConduct end-to-end vendor risk assessments, including inherent risk scoring and residual risk evaluation.Assess third-party controls across:Information Security & CybersecurityIT General Controls (ITGC)Data Privacy & Regulatory ComplianceBusiness Continuity & Disaster Recovery (BCP/DR)Cloud and Outsourced Service ProvidersPerform SOC 1 / SOC 2 report reviews, control gap analysis, and risk acceptance recommendations.Evaluate compliance with frameworks and regulations such as ISO 27001, NIST CSF, CIS Controls, RBI, SEBI, GDPR, and local data protection requirements.Coordinate with specialist teams for VAPT, cloud security, and privacy assessments where required.3. Stakeholder & Team LeadershipCollaborate with internal stakeholders including partners, service line leaders, legal, compliance, and delivery teams across regions.Provide technical guidance, mentoring, and quality reviews for junior consultants and analysts.Represent the Ahmedabad location in regional TPRM capability-building initiatives and leadership forums.4. Business Development & Market GrowthIdentify and develop opportunities in TPRM, vendor risk, and digital trust services.Support proposal development, RFP responses, and client presentations.Participate in industry forums, client workshops, and thought leadership initiatives focused on third-party risk.Contribute to regional revenue targets and help build a local TPRM client portfolio.Qualifications & ExperienceEducation: B.E./B.Tech in Computer Science, IT, or related discipline (MBA preferred).Experience:7+ years of experience in TPRM, IT Risk, Cybersecurity, or Technology Risk Consulting.Hands-on experience in vendor risk assessments, SOC report reviews, and regulatory compliance.Proven ability to manage end-to-end client engagements independently.Exposure to business development and client acquisition is a strong advantage.Certifications (Preferred)CISACISMISO 27001 Lead AuditorCRISCThird Party Risk / Vendor Risk certificationsData Privacy certifications (preferred)Core Skills & CompetenciesStrong understanding of TPRM lifecycle, inherent risk scoring, due diligence, and continuous monitoring.Working knowledge of ISO 27001, NIST CSF, CIS Controls, COBIT, RBI & SEBI guidelines, and global regulatory expectations.Ability to translate vendor control gaps into business and regulatory risk.Excellent communication, presentation, and stakeholder management skills.