Key Responsibilities

·       Manage end-to-end third-party risk engagements and client delivery.

·       Act as SME for TPRM, guiding teams on frameworks and best practices.

·       Lead client discussions and workshops on risk posture and mitigation.

·       Develop and implement risk scoring methodologies and dashboards.

·       Support business development through proposals and client presentations.

·       Hands-on experience with tools used in TPRM assessments and reporting such as service now, Archer, Process Unity.

·       Incorporate regulatory frameworks such as DORA and FEDRAMP into risk assessments.

·       Address privacy elements in third-party engagements and compliance.

·       Conduct control testing including end-to-end ITGC and PCI DSS evaluations.

Required Skills

·       Deep expertise in third-party risk management, IT security, and compliance.

·       Experience with ISO 27001, NIST, GDPR, and other regulatory standards.

·       Strong stakeholder management and leadership capabilities.

·       Certifications such as CISA, CISSP, ISO 22301 LA, are highly desirable.

·       Experience with control testing methodologies including ITGC and PCI DSS.

·       Familiarity with regulatory standards such as DORA and FEDRAMP.

·       Hands-on experience with tools used in third-party risk management.

·       Knowledge of privacy frameworks and data protection requirements.

·       Strong analytical, communication, and stakeholder management skills

Qualification/ Background:

·       B. E / B-Tech (Tier 1/2) or master’s degree in information security, Computer Science, or a related field

·       6 - 8 years of relevant experience in cybersecurity consulting, risk management, and compliance.

·       In-depth knowledge of security frameworks and standards (e.g., NIST, ISO 27001, COBIT).

 Location and way of working

·       Base location: Pune

·       Professional is required to work from office.