Job Description
Job Title
Associate Director / Director – Third Party Risk Management (TPRM)
Location
Mumbai
Experience
10+ Years (Relevant TPRM / GRC Experience)
Role Overview
We are seeking a seasoned Associate Director – TPRM to lead and scale third-party risk management engagements for large enterprise and Global Capability Center (GCC) clients. The role requires strong leadership, deep risk and compliance expertise, and proven experience managing complex, multi-stakeholder programs. Candidates from Big4 or leading consulting firms will be preferred.
Key Responsibilities
TPRM & Risk Leadership
- Lead end-to-end Third-Party Risk Management programs across onboarding, due diligence, continuous monitoring, and offboarding.
- Design and implement TPRM frameworks aligned with global standards and regulatory expectations.
- Oversee vendor risk assessments covering information security, cyber risk, data privacy, operational resilience, and regulatory compliance.
GCC & Global Engagements
- Manage and deliver large-scale GCC projects, supporting global clients across regions (US, EMEA, APAC).
- Act as the primary point of contact for global stakeholders, risk committees, and senior leadership.
- Ensure alignment of India-based delivery with global governance, policies, and reporting standards.
Governance, Compliance & Assurance
- Drive risk assessments aligned with ISO 27001, ISMS, SOC, data privacy regulations, and enterprise risk frameworks.
- Review and challenge third-party controls, remediation plans, and risk acceptances.
- Support internal and external audits related to vendor risk and regulatory reviews.
Stakeholder & Team Management
- Build and manage high-performing TPRM teams, including managers and consultants.
- Mentor team members and ensure quality, consistency, and timeliness of deliverables.
- Engage with CXOs, CISOs, CROs, procurement heads, and compliance teams.
Strategy & Practice Development
- Contribute to TPRM practice growth, solution development, and proposal responses.
- Support pre-sales discussions, client presentations, and account expansion initiatives.
- Stay current with emerging regulatory, cyber, and third-party risk trends.
Required Skills & Experience
- 10+ years of experience in TPRM, GRC, Cyber Risk, or Technology Risk roles.
- Strong hands-on experience delivering GCC and global client engagements.
- Prior experience with Big4 or top-tier consulting firms (preferred).
- Deep understanding of vendor risk domains: information security, cyber, data privacy, business continuity, and regulatory risk.
- Proven experience leading large teams and complex programs.
- Excellent stakeholder management, communication, and executive presentation skills.
Certifications (Preferred)
- CISA, CISM, CISSP
- ISO 27001 Lead Auditor / Lead Implementer
- CRISC or equivalent risk certifications
Education
- Bachelor’s degree in Engineering, Technology, or related field
- MBA or relevant postgraduate qualification is a plus