Job Description

Project Role :

Security Architect

Project Role Description :

Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.

Must have skills :

Third Party IT Risk Management

Good to have skills :

Security Architecture Design

Minimum

12

year(s) of experience is required

Educational Qualification :

15 years full time education



Summary: Seeking an experienced Third-Party Risk Management (TPRM) Professional to lead and support the design, implementation, and maintenance of robust vendor risk management frameworks. This role ensures that third-party engagements comply with industry standards and regulations such as ISO/IEC 27001, PCI DSS, NIST CSF, SOC 2, GDPR, and others. The candidate will work cross-functionally to manage vendor risk assessments, oversee audits, and drive continuous improvement in third-party risk posture. A typical day involves building and running TPRM programs, solutioning complex vendor risk scenarios, and collaborating with internal teams to ensure compliance requirements are met. The role also includes developing scalable strategies for TPRM operations and leveraging automation tools for efficiency. Roles & Responsibilities: Roles & Responsibilities: Collaborate with stakeholders to define third-party risk management needs and priorities. Build, Run, and Solution TPRM Deals: Design and implement TPRM frameworks and processes, execute vendor risk assessments and ongoing monitoring, and provide strategic solutions including automation and scaling strategies for complex third-party risk scenarios. Conduct detailed due diligence on vendors, including questionnaires, evidence reviews, and risk rating. Perform independently as an SME or manage a team of TPRM professionals. Actively participate and contribute to client discussions. Provide solutions for complex compliance-related situations. Prepare reports, dashboards, and metrics for leadership on vendor risk status. Collaborate with cross-functional teams to identify and mitigate potential third-party risks. Professional & Technical Skills: Proficient in Third-Party Risk Management (TPRM) and vendor risk assessment methodologies. Strong understanding of compliance frameworks such as ISO 27001, PCI DSS, NIST, SOC 2, GDPR, and others. Ability to lead and manage TPRM initiatives across the organization. Experience in conducting gap assessments and implementing controls aligned with compliance standards. Exposure to TPRM tools and platforms (e.g., Archer, ServiceNow, OneTrust). Develop and maintain TPRM policies, procedures, and documentation in line with regulatory needs. Educate teams on vendor risk requirements and drive a culture of risk awareness. Relevant certifications: ISO 27001 LA/LI, CISA, CISM, CRISC, or equivalent. Additional Information: - The candidate should have minimum 12 years of experience in Third Party IT Risk Management. - This position is based at our Gurugram office. - A 15 years full time education is required.




15 years full time education