Third-Party Risk Management

Job Description

Job Title: Third-Party Risk Management (TPRM) Analyst

Company : CyberAssure--https://cyberassure.one/

Years of Experience: 2-3 years+

Location: Sohna road , sector 49, Gurgaon

Package: 7-9 lacs

Summary:

The Third-Party Risk Management (TPRM) Analyst is responsible for assessing and managing the risks associated with third-party relationships to ensure the security, integrity, and compliance of the organisation's information and assets. The role involves evaluating third-party vendors, conducting risk assessments, implementing risk mitigation strategies, and maintaining ongoing monitoring processes.

Key Responsibilities:

1. Third-Party Risk Assessments:

-Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture.

-Collaborate with various stakeholders to gather relevant information and assess the impact of third-party relationships on the organisation.

2. Risk Identification and Analysis:

-Identify and analyse potential risks associated with third-party relationships, considering factors such as cybersecurity, data privacy, compliance, and business continuity.

-Evaluate the inherent and residual risks and communicate findings to relevant stakeholders.

3. Compliance Management:

-Ensure third-party vendors comply with industry regulations, legal requirements, and organisational policies.

-Stay updated on relevant regulatory changes and communicate the impact on third-party risk management processes.

4. Policy Development and Implementation:

-Contribute to the development and enhancement of third-party risk management policies and procedures.

-Implement and enforce risk management frameworks to ensure consistent and effective risk assessments.

5. Monitoring and Reporting:

-Establish and maintain ongoing monitoring mechanisms for third-party relationships.

-Generate and provide regular reports on the status of third-party risks, key performance indicators, and mitigation efforts.

6. Vendor Due Diligence:

-Conduct due diligence activities, including vendor background checks, financial assessments, and evaluation of their security and privacy practices.

-Collaborate with legal and procurement teams to ensure that contractual agreements include necessary security and compliance clauses.

7. Collaboration and Communication:

-Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to ensure a comprehensive approach to third-party risk management.

-Communicate effectively with third-party vendors to address and resolve identified risks.

Qualifications and Skills:

-Bachelor's degree in a related field (e.g., Information Security, Risk Management, Business Administration).

-Certification in relevant areas, such as ISO27001, will be preferred.

-Knowledge of third-party risk management frameworks, industry standards, and regulatory requirements.

-Strong analytical and problem-solving skills with attention to detail.

-Excellent communication and interpersonal skills.

-Experience with vendor risk management platforms is a plus.

-Ability to work independently and collaboratively in a team environment.

Experience:Relevant experience in risk management, information security, or vendor management, with a focus on third-party risk.

- Experience in TPRM- should be a minimum of 2 years
- Experience in Cybersecurity- minimum of 2 years
- Certification in the relevant area desired (Like ISO 27001 lead auditor, etc)

Share Ur latest CV with details like-

1. Ctc

2. Expectation

3. Notice period

Regards,

Rajesh Kumar

AAYAM CONSULTANTS

Cell: - 9311232179/ 7011595674

Email id: - [HIDDEN TEXT]