Job Title
Associate Director / Director – Third Party Risk Management (TPRM)

Location
Mumbai

Experience
10+ Years (Relevant TPRM / GRC Experience)

Role Overview
We are seeking a seasoned Associate Director – TPRM to lead and scale third-party risk management engagements for large enterprise and Global Capability Center (GCC) clients. The role requires strong leadership, deep risk and compliance expertise, and proven experience managing complex, multi-stakeholder programs. Candidates from Big4 or leading consulting firms will be preferred.

Key Responsibilities

TPRM & Risk Leadership
- Lead end-to-end Third-Party Risk Management programs across onboarding, due diligence, continuous monitoring, and offboarding.
- Design and implement TPRM frameworks aligned with global standards and regulatory expectations.
- Oversee vendor risk assessments covering information security, cyber risk, data privacy, operational resilience, and regulatory compliance.

GCC & Global Engagements
- Manage and deliver large-scale GCC projects, supporting global clients across regions (US, EMEA, APAC).
- Act as the primary point of contact for global stakeholders, risk committees, and senior leadership.
- Ensure alignment of India-based delivery with global governance, policies, and reporting standards.

Governance, Compliance & Assurance
- Drive risk assessments aligned with ISO 27001, ISMS, SOC, data privacy regulations, and enterprise risk frameworks.
- Review and challenge third-party controls, remediation plans, and risk acceptances.
- Support internal and external audits related to vendor risk and regulatory reviews.

Stakeholder & Team Management
- Build and manage high-performing TPRM teams, including managers and consultants.
- Mentor team members and ensure quality, consistency, and timeliness of deliverables.
- Engage with CXOs, CISOs, CROs, procurement heads, and compliance teams.

Strategy & Practice Development
- Contribute to TPRM practice growth, solution development, and proposal responses.
- Support pre-sales discussions, client presentations, and account expansion initiatives.
- Stay current with emerging regulatory, cyber, and third-party risk trends.

Required Skills & Experience
- 10+ years of experience in TPRM, GRC, Cyber Risk, or Technology Risk roles.
- Strong hands-on experience delivering GCC and global client engagements.
- Prior experience with Big4 or top-tier consulting firms (preferred).
- Deep understanding of vendor risk domains: information security, cyber, data privacy, business continuity, and regulatory risk.
- Proven experience leading large teams and complex programs.
- Excellent stakeholder management, communication, and executive presentation skills.

Certifications (Preferred)
- CISA, CISM, CISSP
- ISO 27001 Lead Auditor / Lead Implementer
- CRISC or equivalent risk certifications

Education
- Bachelor’s degree in Engineering, Technology, or related field
- MBA or relevant postgraduate qualification is a plus

Job Title
Third Party Risk Management (TPRM) - SM/AD