TPRM Consultant - Cyber

Job Title: Consultant/Senior Consultant – Third-Party Risk Management (TPRM)Location: Mumbai, IndiaExperience Required: Minimum 2 to 6 years in TPRM / Vendor Risk / Information Security / Risk AdvisoryEmployment Type: Full-timeAbout the RoleWe are looking for a skilled and motivated Consultant/Senior Consultant – Third-Party Risk Management (TPRM) to join our Risk Advisory / Cyber Risk / Governance team in Bangalore. The ideal candidate will have hands-on experience managing third-party risk programs, performing vendor assessments, and ensuring compliance with regulatory and internal risk frameworks.Key Responsibilities- Lead and execute third-party risk assessments (security, privacy, operational, financial, compliance, etc.). - Evaluate vendors against defined risk frameworks (e.g., ISO 27001, SOC 2, GDPR, NIST, etc.). - Review vendor due diligence questionnaires and supporting evidence for risk identification. - Support the design, implementation, and enhancement of TPRM programs, policies, and processes. - Track and monitor remediation plans and ensure closure of identified vendor risks. - Collaborate with internal stakeholders such as procurement, legal, compliance, and IT security teams. - Contribute to automation and process improvement initiatives within the TPRM function. - Prepare risk reports, dashboards, and metrics for management review. - Mentor junior team members and support client engagements as a subject matter contributor.Required Skills & Qualifications- Bachelor’s degree in information technology, Risk Management, or related field (Master’s preferred). - Minimum 3 years of experience in Third-Party Risk Management, Vendor Risk, or related domains. - Strong understanding of risk frameworks and standards such as ISO 27001, NIST, SOC 2, and SIG questionnaires. - Experience with TPRM tools such as Archer, Process Unity, OneTrust, Coupa Risk Assess, or similar platforms. - Good understanding of information security, privacy, and compliance requirements. - Excellent analytical, communication, and stakeholder management skills. - Ability to work independently and manage multiple priorities in a dynamic environment.Preferred Certifications (Nice to Have)- CTPRP / CTPRA - ISO 27001 LA / LI - CISA / CRISC / CISSP - Any certification in risk management or cybersecurity

Apply Now