TPRM Analyst

Job Description: TPRM Analyst

Location: Remote (India)

Shift: US Shift (Night Shift)

Experience Required: 2+ Years

Employment Type: Full-time

About the Role

We are seeking a motivated and detail-oriented TPRM Analyst with a strong background in Third-Party Risk Management and GRC (Governance, Risk & Compliance) frameworks. The ideal candidate should have hands-on experience assessing vendor risks, conducting due diligence, and ensuring compliance with organizational and regulatory requirements.

This is a remote opportunity that involves working with US-based clients and cross-functional teams to manage third-party risk effectively.

Key Responsibilities

• Perform vendor risk assessments and due diligence as part of the third-party onboarding process.
• Monitor third-party relationships to ensure compliance with internal risk policies and regulatory frameworks.
• Utilize GRC platforms to track, assess, and report on vendor risks.
• Collaborate with internal stakeholders to remediate identified risks and ensure proper risk mitigation plans.
• Prepare and maintain reports and dashboards highlighting risk metrics and compliance status.
• Support the implementation and continuous improvement of the TPRM framework, policies, and processes.
• Work closely with US-based teams, ensuring effective communication and alignment on project deliverables.

Required Skills & Qualifications

• 2+ years of relevant experience in TPRM, Vendor Risk Management, or GRC roles.
• Knowledge of frameworks like ISO 27001, NIST, SOC 2, PCI DSS, etc., is an added advantage.
• Hands-on experience with GRC tools such as Archer, ServiceNow, OneTrust, or similar platforms.
• Strong analytical skills to assess vendor controls, contracts, and compliance posture.
• Excellent communication skills, with the ability to work effectively in a remote, cross-functional environment.
• Flexibility to work in US shift timings.

Preferred Qualifications

• Prior experience working with US-based clients or projects.
• Familiarity with regulatory guidelines such as GDPR, HIPAA, CCPA, etc.
• Certifications such as CISA, CRISC, CTPRP, or ISO 27001 LA are a plus.