Job Title

Dear Candidate,Greeting from TCS !!We are currently hiring for GRC (TPRM & Archer), PFB the JD for your reference. If you are interested in this opportunity.....Please confirm your availability for 04th Apr-2026 (Saturday) - In-Person InterviewWALK IN DRIVE DATE : 04-APR-2026WALK IN DRIVE LOCATION : Hyderabad, Chennai, MumbaiJob DescriptionSkill : GRC (TPRM & Archer)Experience: 5-16 yearsLocation: Hyderabad, Chennai, MumbaiTechnical/Functional Skills from the Role:Access management-Privilege access management , Segregation of duties, least privilege principle, RBAC , Password management , User access management, personal accounts & Non personal technical accounts Data security – Encryption at rest and in transit , Key lifecycle management, Ciphers, Secure operations- Log monitoring, Log protection, Log management, Endpoint security, Patching Data Leakage Prevention- Understanding of DLP tools & technologies, structured and unstructured data, Instances (Dev, Test , PROD), Email security, Data classification.Cyber Threat management – Threat & Vulnerability management, Hardening process, External attacks ( DDoS) , Penetration testing , Incident managementNetwork security- Basic network security components understanding ( Firewall, IDS ,IPS, WAF), Network ports & protocols, Network segmentation etc.System acquisition , development & Change management– SLDC process for application design , development , deployment & Operations including defined change controls for approval and testing.Operation resilience – BCP , Backup & restore, Records management , Data retention.Governance , risk & compliance- Polices , Procedures, Risk management framework , Cyber risk management, Supply chain risk management.Assurance reports – SOC 1, SOC 2 reports, ISO 27001 certificate including Statement of applicability, CSA star level 2 etcAsset management- Asset inventory , Hardware & Software Life cycle managementData center securityPhysical securityHR securityRelevant experience in TPRM (Program/Framework level).Expertise in Third Party Risk AssessmentsExpertise in cyber security including standards such as ISO27001, PCI-DSS, ISO 22301 etc. Experienced in review of SSAE18, SOC 2, HITRUST, SIG and CAIQ reports. Certifications such as CTPRP, CTPRA, CRVPM, CRISC, CISA, CISSP are good to have.Roles and Responsibilities:Should be able to develop and manage a comprehensive third party risk management framework / program. Should be able to drive regulatory compliance / remediation programs such as Digital Operational Resilience Act (DORA).Should be independently able to manage third party due diligence including initial risk assessments and ongoing monitoring.Contribute to governance and facilitate remediation recommendations of related risks, deficiencies, gaps or issues, advice with identifying compensating controls alternative where compliance requirements cannot be met.Document and present overall residual risk to higher management for approvals and risk acceptances.Interact with vendors, business, and multiple stakeholders to assess, explain and remediate the risks identified.Ongoing monitoring activities such as performance monitoring, contractual compliance, SLA/KPI adherence, negative news monitoring etc. Test design and operating effectiveness of TPRM controls, identify gaps and recommend improvements.Support key reporting activities associated within key functions. Perform adhoc IT risk analysis and reporting.Regards,Priscilla NancyHuman Resources - TAG CSPTata Consultancy Services