Third-Party Risk Management

Job Description Job Title: Third-Party Risk Management (TPRM) Analyst Company : CyberAssure--https://cyberassure.one/ Years of Experience: 2-3 years+ Location: Sohna road , sector 49, Gurgaon Package: 7-9 lacs Summary: The Third-Party Risk Management (TPRM) Analyst is responsible for assessing and managing the risks associated with third-party relationships to ensure the security, integrity, and compliance of the organisation's information and assets. The role involves evaluating third-party vendors, conducting risk assessments, implementing risk mitigation strategies, and maintaining ongoing monitoring processes. Key Responsibilities: 1. Third-Party Risk Assessments: -Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture. -Collaborate with various stakeholders to gather relevant information and assess the impact of third-party relationships on the organisation. 2. Risk Identification and Analysis: -Identify and analyse potential risks associated with third-party relationships, considering factors such as cybersecurity, data privacy, compliance, and business continuity. -Evaluate the inherent and residual risks and communicate findings to relevant stakeholders. 3. Compliance Management: -Ensure third-party vendors comply with industry regulations, legal requirements, and organisational policies. -Stay updated on relevant regulatory changes and communicate the impact on third-party risk management processes. 4. Policy Development and Implementation: -Contribute to the development and enhancement of third-party risk management policies and procedures. -Implement and enforce risk management frameworks to ensure consistent and effective risk assessments. 5. Monitoring and Reporting: -Establish and maintain ongoing monitoring mechanisms for third-party relationships. -Generate and provide regular reports on the status of third-party risks, key performance indicators, and mitigation efforts. 6. Vendor Due Diligence: -Conduct due diligence activities, including vendor background checks, financial assessments, and evaluation of their security and privacy practices. -Collaborate with legal and procurement teams to ensure that contractual agreements include necessary security and compliance clauses. 7. Collaboration and Communication: -Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to ensure a comprehensive approach to third-party risk management. -Communicate effectively with third-party vendors to address and resolve identified risks. Qualifications and Skills: -Bachelor's degree in a related field (e.g., Information Security, Risk Management, Business Administration). -Certification in relevant areas, such as ISO27001, will be preferred. -Knowledge of third-party risk management frameworks, industry standards, and regulatory requirements. -Strong analytical and problem-solving skills with attention to detail. -Excellent communication and interpersonal skills. -Experience with vendor risk management platforms is a plus. -Ability to work independently and collaboratively in a team environment. Experience:Relevant experience in risk management, information security, or vendor management, with a focus on third-party risk. - Experience in TPRM- should be a minimum of 2 years - Experience in Cybersecurity- minimum of 2 years - Certification in the relevant area desired (Like ISO 27001 lead auditor, etc) Share Ur latest CV with details like- 1. Ctc 2. Expectation 3. Notice period Regards, Rajesh Kumar AAYAM CONSULTANTS Cell: - 9311232179/ 7011595674 Email id: - [HIDDEN TEXT]