Job Description

Job Title

TPRM Consultant / Senior Consultant

Location

Mumbai | Bangalore

Experience

2+ Years (Relevant Experience in TPRM / GRC / ISMS)

Notice Period

Immediate to 30 Days (Early joiners preferred)

Role Overview

We are seeking a TPRM Consultant / Senior Consultant to support and execute Third-Party Risk Management engagements across multiple clients. The role involves assessing vendor risk, supporting GRC and ISMS initiatives, and ensuring compliance with ISO 27001 and related frameworks. The ideal candidate should be hands-on, process-oriented, and comfortable working with internal and external stakeholders.

Key Responsibilities

Third-Party Risk Management (TPRM)

  • Execute end-to-end third-party/vendor risk assessments.
  • Perform inherent risk assessments, control evaluations, and residual risk analysis.
  • Review vendor security questionnaires, policies, and supporting evidence.
  • Track remediation plans and follow up on risk treatment actions.

GRC & ISMS

  • Support Governance, Risk, and Compliance (GRC) activities across clients.
  • Assist in ISMS implementation, maintenance, and continual improvement initiatives.
  • Conduct risk assessments and prepare risk registers and risk treatment plans aligned to ISO 27001.
  • Support internal and external audits, including documentation and closure of findings.

Compliance & Reporting

  • Ensure compliance with ISO 27001 controls and related security standards.
  • Prepare risk assessment reports, dashboards, and management presentations.
  • Coordinate with business teams, IT, vendors, and audit stakeholders.

Required Skills & Experience

  • 2+ years of relevant experience in TPRM, GRC, or Information Security roles.
  • Hands-on exposure to Third-Party / Vendor Risk Assessments.
  • Working knowledge of ISMS and ISO 27001 (implementation, audits, or operations).
  • Understanding of risk assessment methodologies and control frameworks.
  • Strong documentation, reporting, and stakeholder communication skills.

Preferred Qualifications

  • ISO 27001 Lead Implementer / Lead Auditor (preferred, not mandatory).
  • Exposure to regulatory and compliance environments.
  • Experience working with consulting firms or enterprise clients is an advantage.

Employment Type

Full-time
