Job TitleAssociate Director / Director – Third Party Risk Management (TPRM) & Data PrivacyLocationMumbaiExperience10+ Years (Relevant TPRM / GRC Experience)Role OverviewWe are seeking a seasoned Associate Director – TPRM to lead and scale third-party risk management engagements for large enterprise and Global Capability Center (GCC) clients. The role requires strong leadership, deep risk and compliance expertise, and proven experience managing complex, multi-stakeholder programs. Candidates from Big4 or leading consulting firms will be preferred.Key ResponsibilitiesTPRM & Risk Leadership- Lead end-to-end Third-Party Risk Management programs across onboarding, due diligence, continuous monitoring, and offboarding. - Design and implement TPRM frameworks aligned with global standards and regulatory expectations. - Oversee vendor risk assessments covering information security, cyber risk, data privacy, operational resilience, and regulatory compliance.GCC & Global Engagements- Manage and deliver large-scale GCC projects, supporting global clients across regions (US, EMEA, APAC). - Act as the primary point of contact for global stakeholders, risk committees, and senior leadership. - Ensure alignment of India-based delivery with global governance, policies, and reporting standards.Governance, Compliance & Assurance- Drive risk assessments aligned with ISO 27001, ISMS, SOC, data privacy regulations, and enterprise risk frameworks. - Review and challenge third-party controls, remediation plans, and risk acceptances. - Support internal and external audits related to vendor risk and regulatory reviews.Stakeholder & Team Management- Build and manage high-performing TPRM teams, including managers and consultants. - Mentor team members and ensure quality, consistency, and timeliness of deliverables. - Engage with CXOs, CISOs, CROs, procurement heads, and compliance teams.Strategy & Practice Development- Contribute to TPRM practice growth, solution development, and proposal responses. - Support pre-sales discussions, client presentations, and account expansion initiatives. - Stay current with emerging regulatory, cyber, and third-party risk trends.Required Skills & Experience- 10+ years of experience in TPRM, GRC, Cyber Risk, or Technology Risk roles. - Strong hands-on experience delivering GCC and global client engagements. - Prior experience with Big4 or top-tier consulting firms (preferred). - Deep understanding of vendor risk domains: information security, cyber, data privacy, business continuity, and regulatory risk. - Proven experience leading large teams and complex programs. - Excellent stakeholder management, communication, and executive presentation skills.Certifications (Preferred)- CISA, CISM, CISSP - ISO 27001 Lead Auditor / Lead Implementer - CRISC or equivalent risk certificationsEducation- Bachelor’s degree in Engineering, Technology, or related field - MBA or relevant postgraduate qualification is a plus
Job Title
Associate Director – Third Party Risk Management (TPRM)