Key Skills: ISO 27001, Governance, Risk, and Compliance (GRC), Third party Risk Management, HIPAA, Risk Management

Roles and Responsibilities:
- Lead the end-to-end third-party cybersecurity risk management lifecycle, including vendor onboarding, risk assessments, renewals, and off-boarding
- Operationalize enterprise TPRM policies, standards, and minimum security requirements across all third-party engagements
- Define and maintain vendor risk tiering, assessment methodologies, and review frequency based on data sensitivity, criticality, and regulatory impact
- Ensure consistent application of risk assessment processes across business units
- Review and validate third-party security assessments, questionnaires, and supporting evidence
- Identify cybersecurity, privacy, and operational risks associated with third-party services
- Drive remediation plans with business owners and vendors for identified gaps and control deficiencies
- Support risk acceptance and exception processes, including documentation and leadership approvals
- Track remediation status, overdue actions, and residual risk
- Partner with Procurement, Legal, Privacy, Compliance, IT, and Business Owners throughout the vendor lifecycle
- Provide advisory input during contract reviews to ensure appropriate cybersecurity and data protection clauses are included
- Act as a trusted advisor to business stakeholders on third-party cyber risk implications and mitigation strategies
- Guide business teams through risk assessment requirements to support onboarding of new vendors
- Maintain accurate third-party risk records in enterprise GRC / TPRM platforms (e.g., ServiceNow)
- Develop and present executive-level dashboards, metrics, and risk summaries for leadership consumption
- Monitor third-party risk trends, concentration risks, and systemic control gaps
- Support internal and external audits, regulatory reviews, and compliance assessments related to third-party risk
- Identify opportunities to streamline, automate, and enhance third-party risk processes
- Contribute to the evolution of TPRM policies, standards, and operating procedures
- Support continuous monitoring initiatives and integration of external risk intelligence where applicable
- Drive consistent, scalable, and auditable TPRM practices across the enterprise

Key Success Metrics:
- Timely completion of third-party risk assessments
- Reduction in high-risk and overdue vendor findings
- Improved audit outcomes and regulatory alignment
- Increased visibility of third-party cyber risk for leadership
- Mature, consistent, and scalable TPRM operations

Skills Required:
- Strong expertise in Third-Party Risk Management (TPRM) lifecycle (onboarding, due diligence, assessments, remediation, renewals, off-boarding)
- Deep understanding of Cybersecurity Governance, Risk, and Compliance (GRC) frameworks
- Strong knowledge of ISO 27001, HIPAA, and regulatory compliance requirements
- Experience in vendor risk tiering, assessment methodologies, and control evaluation
- Ability to perform and review third-party security assessments, questionnaires, and evidence validation
- Strong understanding of cybersecurity, privacy, and operational risks in third-party ecosystems
- Experience in risk identification, remediation tracking, and risk acceptance processes
- Strong knowledge of security controls, risk frameworks, and audit requirements
- Experience working with GRC/TPRM tools (ServiceNow GRC or similar platforms)
- Ability to develop and present executive-level dashboards, risk metrics, and reports
- Strong stakeholder management skills across Procurement, Legal, Compliance, IT, and Business teams
- Experience in contract security reviews and defining cybersecurity clauses
- Strong analytical and problem-solving skills in risk evaluation and decision-making
- Experience in audit support, regulatory reviews, and compliance assessments
- Ability to drive process improvements, automation, and scalability in TPRM programs
- Strong communication skills to act as a trusted advisor to business stakeholders

Education: Any Graduation, Any Post Graduation

Note: This role is open for both Hyderabad and Bangalore locations. Candidates currently based in Bangalore who are open to relocating to Hyderabad are also encouraged to apply.

Job Title
Lead Security GRC (TPRM)_97635