Third Party Security Risk Analyst

6 days ago


Bengaluru, Karnataka, India Broadridge Full time
Job Description

Key Responsibilities:

- Vendor Security Documentation Review
  - Evaluate third-party security artifacts including SOC 2 Type II reports, ISO/IEC 27001 certificates (with Statement of Applicability), vulnerability assessments and penetration testing (VAPT) results, and security policy documentation. Identify gaps or weaknesses in vendor controls and document potential risks for review.
- Technical Capability Assessment
  - Analyze vendor capabilities related to identity and access management (SSO, MFA), data protection (encryption at rest/in transit, field-level encryption, masking), integration options (agents or SDKs/libraries, APIs, webhooks, file-based), and logging (support for SIEM integration, event types, delivery mechanisms). Validate alignment with Broadridge standards.
- Stakeholder Communication and Guidance
  - Provide subject matter expertise to Business stakeholders evaluating third-party solutions. Help translate security findings into business terms, and support vendor communications to clarify expectations and request missing documentation or clarifications on security capabilities.
- Continuous Improvement and Standardization
  - Help refine the interactions between BISG and TPRM and the security assessment process by contributing to standard checklists, risk scoring models, and onboarding workflows. Stay current on emerging third-party security risks and recommend enhancements to evaluation criteria over time.

Required Skills and Qualifications:

- Bachelor's degree in computer science, information technology or a related field.
- 5-8 years of experience in Information Security, with at least 3 years in vendor security reviews or third-party risk management.
- Strong understanding of cloud service provider controls, SaaS architectures, and data protection strategies.
- Familiarity with security and compliance frameworks such as SOC 2, ISO 27001, NIST SP 800-53, and CIS Controls.
- Hands-on experience evaluating documentation such as SOC 2, VAPT reports, risk assessments, and policy/procedure artifacts.
- Working knowledge of IAM principles (SSO, MFA), secure integration practices (API security, encryption), and log management (SIEM integrations).
- Clear and concise written communication skills with the ability to summarize risk and control gaps effectively.
- Ability to collaborate across multiple stakeholder groups and manage competing priorities.

Preferred Qualifications:

- Experience working in a regulated industry (e.g., financial services, healthcare, insurance).
- Certifications such as CCSK, CISA, CRISC, or Certified Third Party Risk Professional (CTPRP), Certified Third Party Risk Assessor (CTPRA), or Certified Third Party Risk Management Professional (C3PRMP).
- Familiarity with third-party risk tools and platforms (e.g., ProcessUnity, Archer) is a plus.
