Sr. Manager, Information Security Third-party Risk Management

3 days ago


Bengaluru, Karnataka, India Grant Thornton Full time ₹ 15,00,000 - ₹ 25,00,000 per year

Role Description

The Senior Manager, Information Security Third-party Risk Management position will be an integral member of the Information Security and Risk Management team. This role will be responsible for design, development, implementation and monitoring of risk management program. Work in Chief Information Security Officer (CISO) office under Associate Director, Information Security Governance, Risk and Compliance, this role serves as an information security technology professional for Grant Thornton to support the design, implementation, and maintenance of a cohesive information security governance, risk and compliance program. The successful candidate will have a good mix of deep technical knowledge, understanding of industry best practice, frameworks and regulations, and a demonstrated background in information security risk management program.

An experienced and motivated risk and compliance individual contributor is needed to work across a matrixed team in place today and growing in the future. The successful candidate has a track record of developing strong relationships, collaborating across teams, coordinating multiple timelines, and managing complex, cross discipline projects

Skills

The ideal candidate:

is a self-starter, with the ability to drive tasks to completion independently and learn new skills on the job as program requirements evolve.

possesses strong business judgment, deep analytical thinking, is comfortable managing multiple responsibilities within a fast-paced environment, and has worked collaboratively with others to develop, implement, and communicate business improvement and innovative strategies.

possesses strong verbal and written communication skills, a solution-oriented approach, and relationship-building skills are important attributes to succeed in this role.

global view of their business and think in terms of immediate problem solving but also automating, expanding, and scaling solutions broadly.

thinks strategically at a global level and effectively develop key processes, procedures and communications that facilitate cross-functional implementation of risk management processes and risk reporting.

Responsibilities:

  • Advance the information security third-party risk management framework and develop risk appetite
  • Develop effective strategies for addressing high-risk suppliers.
  • Oversee and perform security risk assessments, business impact analyses, and security control evaluations across third-party vendors in OneTrust.

Prepare risk register in OneTrust to monitor and track risks.

  • Provide supply chain security assessment remediation oversight and facilitate development of CUECs to document shared responsibility model.
  • Perform client MSA security terms and conditions review and provide feedback to legal team.
  • Ensure compliance with relevant firm security policies.
  • Support iterative review of assessment results, working with appropriate stakeholders across the lines of defense
  • Establish risk reporting and escalation processes
  • Remain up to date with emerging threats, best practices and relevant legislation
  • Work and communicate hand-in-hand with both external and internal stakeholders on critical issues that are directly impacting the business.
  • Contribute to the development of scalable models and tools that speed up both decision making and accuracy for the organization.
  • Meet with stakeholders to gather and integrate feedback and evangelize the program
  • Perform and facilitate the collection, review, and assimilation of risk assessment data and reporting into concise and meaningful reports/dashboards for leadership. Take leading role in drafting and presenting deep-dive documents, including responses to senior executives.


  • Bengaluru, Karnataka, India Docusign Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    Company OverviewDocusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now,...


  • Bengaluru, Karnataka, India DocuSign Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    Company OverviewDocusign brings agreements to life. Over 1.5 million customers and more than a billion people in over 180 countries use Docusign solutions to accelerate the process of doing business and simplify people's lives. With intelligent agreement management, Docusign unleashes business-critical data that is trapped inside of documents. Until now,...


  • Bengaluru, Karnataka, India AT&T Full time ₹ 20,00,000 - ₹ 25,00,000 per year

    Job Description Role: Senior Third Party Risk Management (TPRM)About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold...


  • Bengaluru, Karnataka, India ABB Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    This Position reports to:Global IS Manager - SRC Advisory and AssessmentsYour role and responsibilitiesThe Service Owner for Third Party Risk Management(TPRM), within IS SRC Advisory & Assessments organization is responsible for designing, implementing and maintaining the framework to deliver the services in scope in time, budget and in line with the...

  • Cyber Security

    2 weeks ago


    Bengaluru, Karnataka, India, Karnataka Computacenter Full time

    Life on the teamOperates the Third-Party Cyber Risk Management framework to ensure cybersecurity risks related to our supply chain are effectively, managed to maintain a resilient and compliant security posture.What you’ll doOperate the Third-Party Cyber Risk Management Framework (~ 90%)• Third-Party Risk Management framework: operate processes and...


  • Bengaluru, Karnataka, India BNP Paribas Full time ₹ 15,00,000 - ₹ 25,00,000 per year

    ResponsibilitiesDirect Responsibilities The CIB ITO TPRM Governance is focused on development and deployment of robust control framework for all internal and external third-party services globally. CIB ITO Offshore TPRM business manager responsibilities includes but not limited to.Working with owners of various businesses and processes across regions to map...


  • Bengaluru, Karnataka, India Talent Worx Full time ₹ 12,00,000 - ₹ 36,00,000 per year

    We are hiring for one of the BIG 4's in India, professionals leverage the global network of firms, providing detailed knowledge of local laws, regulations, markets, and competition.Our client in India offers services to national and international clients in India across sectors. We strive to provide rapid, performance-based, industry-focused, and...


  • Bengaluru, Karnataka, India Equiniti Full time ₹ 8,00,000 - ₹ 24,00,000 per year

    Management LevelGCore Duties/ResponsibilitiesRisk Identification, Assessment and AnalysisAssist and conduct comprehensive risk assessments to identify potential cybersecurity threats and vulnerabilities across EQ's infrastructure, data, applications, mobile and networks.Assist in conducting comprehensive security risk assessments for internal systems,...

  • Sr Associate, Legal

    4 days ago


    Bengaluru, Karnataka, India, Karnataka Capital One Full time

    At Capital One India, we solve fundamental business problems at scale using advanced analytics, data science and machine learning. We specialize in deriving valuable insights about various aspects of the business - including product and process design, consumer behavior, regulatory and credit risk, and much more - from large volumes of data to build cutting...


  • Bengaluru, Karnataka, India KPMG Global Services Full time ₹ 1,04,000 - ₹ 1,30,878 per year

    6+ years Information Security Governance, Privacy and Compliance and Security Assessment, experience, with a focus on IT and IS Risk Assessments and program reviews / establishment. Familiarity with and demonstrated experience assessing against the BS ISO/IEC/SIG  27002:2005 BS 7799 standard domains, BS 25999 including Risk Assessment; Security policy;...