Third-Party Risk Management (TPRM) Analyst

Job Title                                : Third-Party Risk Management (TPRM) Analyst

Company                              : CyberAssure-- https://cyberassure.one/

Years of Experience           :  2-3 years +

Location                                : Sohna road , sector 49, Gurgaon

Package                                : 7-9 lacs

Summary:

The Third-Party Risk Management (TPRM) Analyst is responsible for assessing and managing the risks associated with third-party relationships to ensure the security, integrity, and compliance of the organisation's information and assets. The role involves evaluating third-party vendors, conducting risk assessments, implementing risk mitigation strategies, and maintaining ongoing monitoring processes.

Key Responsibilities:

 1. Third-Party Risk Assessments:

-         Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture.

-         Collaborate with various stakeholders to gather relevant information and assess the impact of third-party relationships on the organisation.

2. Risk Identification and Analysis:

-         Identify and analyse potential risks associated with third-party relationships, considering factors such as cybersecurity, data privacy, compliance, and business continuity.

-         Evaluate the inherent and residual risks and communicate findings to relevant stakeholders.

3. Compliance Management:

-         Ensure third-party vendors comply with industry regulations, legal requirements, and organisational policies.

-         Stay updated on relevant regulatory changes and communicate the impact on third-party risk management processes.

4. Policy Development and Implementation:

-         Contribute to the development and enhancement of third-party risk management policies and procedures.

-         Implement and enforce risk management frameworks to ensure consistent and effective risk assessments.

5. Monitoring and Reporting:

-         Establish and maintain ongoing monitoring mechanisms for third-party relationships.

-         Generate and provide regular reports on the status of third-party risks, key performance indicators, and mitigation efforts.

6. Vendor Due Diligence:

-         Conduct due diligence activities, including vendor background checks, financial assessments, and evaluation of their security and privacy practices.

-         Collaborate with legal and procurement teams to ensure that contractual agreements include necessary security and compliance clauses.

7. Collaboration and Communication:

-         Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to ensure a comprehensive approach to third-party risk management.

-         Communicate effectively with third-party vendors to address and resolve identified risks.

Qualifications and Skills:

-       Bachelor's degree in a related field (e.g., Information Security, Risk Management, Business Administration).

-       Certification in relevant areas, such as ISO27001, will be preferred.

-       Knowledge of third-party risk management frameworks, industry standards, and regulatory requirements.

-       Strong analytical and problem-solving skills with attention to detail.

-       Excellent communication and interpersonal skills.

-       Experience with vendor risk management platforms is a plus.

-       Ability to work independently and collaboratively in a team environment.

Experience:          Relevant experience in risk management, information security, or vendor management, with a focus on third-party risk.

• Experience in TPRM- should be a minimum of 2 years
• Experience in Cybersecurity- minimum of 2 years
• Certification in the relevant area desired (Like ISO 27001 lead auditor, etc)

Share Ur latest CV with details like-

1. Ctc

2. Expectation

3. Notice period

Regards,

Rajesh Kumar

AAYAM CONSULTANTS

Cell: - 9311232179/ 7011595674  

Email id: - [HIDDEN TEXT]