Third Party Security Risk Analyst

4 weeks ago

Bengaluru, Karnataka, India Broadridge Full time
Job Description

Key Responsibilities:

- Vendor Security Documentation Review
- Evaluate third-party security artifacts including SOC 2 Type II reports, ISO/IEC 27001 certificates (with Statement of Applicability), vulnerability assessments and penetration testing (VAPT) results, and security policy documentation. Identify gaps or weaknesses in vendor controls and document potential risks for review.
- Technical Capability Assessment
- Analyze vendor capabilities related to identity and access management (SSO, MFA), data protection (encryption at rest/in transit, field-level encryption, masking), integration options (agents or SDKs/libraries, APIs, webhooks, file-based), and logging (support for SIEM integration, event types, delivery mechanisms). Validate alignment with Broadridge standards.
- Stakeholder Communication and Guidance
- Provide subject matter expertise to Business stakeholders evaluating third-party solutions. Help translate security findings into business terms, and support vendor communications to clarify expectations and request missing documentation or clarifications on security capabilities.
- Continuous Improvement and Standardization
- Help refine the interactions between BISG and TPRM and the security assessment process by contributing to standard checklists, risk scoring models, and onboarding workflows. Stay current on emerging third-party security risks and recommend enhancements to evaluation criteria over time.

Required Skills and Qualifications:

- Bachelor s degree in computer science, information technology or a related field.
- 5-8 years of experience in Information Security, with at least 3 years in vendor security reviews or third-party risk management.
- Strong understanding of cloud service provider controls, SaaS architectures, and data protection strategies.
- Familiarity with security and compliance frameworks such as SOC 2, ISO 27001, NIST SP 800-53, and CIS Controls.
- Hands-on experience evaluating documentation such as SOC 2, VAPT reports, risk assessments, and policy/procedure artifacts.
- Working knowledge of IAM principles (SSO, MFA), secure integration practices (API security, encryption), and log management (SIEM integrations).
- Clear and concise written communication skills with the ability to summarize risk and control gaps effectively.
- Ability to collaborate across multiple stakeholder groups and manage competing priorities.

Preferred Qualifications:

- Experience working in a regulated industry (e. g. , financial services, healthcare, insurance).
- Certifications such as CCSK, CISA, CRISC, or Certified Third Party Risk Professional (CTPRP), Certified Third Party Risk Assessor (CTPRA), or Certified Third Party Risk Management Professional (C3PRMP).
- Familiarity with third-party risk tools and platforms (e. g. , ProcessUnity, Archer) is a plus.

  • Third Party Risk Analyst

    2 weeks ago

    Bengaluru, Karnataka, India Stripe Full time ₹ 9,00,000 - ₹ 12,00,000 per year

    About StripeStripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities. Our mission is to increase the GDP of the internet, and we have a staggering amount of work ahead....

  • Security Third Party Risk Manager

    6 days ago

    Bengaluru, Karnataka, India Docusign Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Company OverviewDocusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now,...

  • Security Third Party Risk Manager

    4 days ago

    Bengaluru, Karnataka, India DocuSign Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Company OverviewDocusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now,...

  • Cyber Security

    7 days ago

    Bengaluru, Karnataka, India, Karnataka Computacenter Full time

    Life on the teamOperates the Third-Party Cyber Risk Management framework to ensure cybersecurity risks related to our supply chain are effectively, managed to maintain a resilient and compliant security posture.What you’ll doOperate the Third-Party Cyber Risk Management Framework (~ 90%)• Third-Party Risk Management framework: operate processes and...

  • Junior Third-Party Risk Assessor

    2 weeks ago

    Bengaluru, Karnataka, India NETSACH GLOBAL Full time ₹ 4,00,000 - ₹ 12,00,000 per year

    Greetings from Netsach - A Cybersecurity Company.Job Summary:Our client, a leading bank based in Dubai, is looking for a Junior Third-Party Risk Assessor to join their growing Risk Management function. This entry-level role will support the assessment, monitoring, and governance of third-party service providers, ensuring compliance with internal policies and...

  • Senior Cybersecurity – Third Party Risk Management

    2 weeks ago

    Bengaluru, Karnataka, India AT&T Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Job Description:Role: Senior – Third Party Risk Management (TPRM)About the Company:Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold...

  • Senior Cybersecurity Third Party Risk Management

    1 week ago

    Bengaluru, Karnataka, India AT&T Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    Job Description Role: Senior Third Party Risk Management (TPRM)About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold...

  • Third Party Risk Management

    2 weeks ago

    Bengaluru, Karnataka, India State Street Corporation Full time ₹ 6,00,000 - ₹ 12,00,000 per year

    Job Description Third-Party Risk Management Due Diligence - Tech Lead Role Summary State Street uses third parties to support internal processes and in the delivery of certain products and services to clients. These third parties are evaluated and risk assessed through our Third-Party Risk Management (TPRM) Program. The Due Diligence Onboarding...

  • Third Party Risk Management

    2 weeks ago

    Bengaluru, Karnataka, India Talent Worx Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    We are hiring for one of the BIG 4's in India, professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition.Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and...

  • IS Service Owner for Third Party Risk Management

    4 weeks ago

    Bengaluru, Karnataka, India ABB Limited Full time

    Job DescriptionAt ABB, we help industries outrun - leaner and cleaner. Here, progress is an expectation - for you, your team, and the world. As a global market leader, we'll give you what you need to make it happen. It won't always be easy, growing takes grit. But at ABB, you'll never run alone. Run what runs the world.This Position reports to:Global IS...