TPRA / TPRM Manager (Third-Party Risk Assessment) - Cyber

Job Title: TPRA / TPRM Manager (Third-Party Risk Assessment)Experience: 6+ Years Location: Remote – India Shift: US Shift (5:00 PM – 2:00 AM IST / as per client alignment) Employment Type: Full-timeRole OverviewWe are seeking an experienced TPRA / TPRM Manager to lead and manage end-to-end third-party risk assessment programs for global clients. The role requires strong exposure to vendor risk assessments, information security, regulatory compliance, and stakeholder management, with hands-on ownership of complex TPRA engagements.Key ResponsibilitiesThird-Party Risk & AssessmentsLead end-to-end Third-Party Risk Assessments (TPRA) across IT, cybersecurity, privacy, and operational risk domainsPerform inherent risk assessments, control evaluations, residual risk ratings, and risk acceptance workflowsReview and assess vendor responses to security questionnaires (SIG, CAIQ, custom frameworks)Conduct evidence-based reviews covering InfoSec, ITGC, BCM/DR, privacy, and regulatory controlsRisk Governance & ComplianceMap third-party risks to frameworks such as ISO 27001, NIST, SOC 2, PCI DSS, GDPR, and DPDPAIdentify gaps, define remediation plans, and track issue closure with vendorsSupport regulatory, audit, and client assurance requirements related to vendor riskStakeholder & Client ManagementAct as the primary point of contact for global clients and internal stakeholdersLead discussions with vendors, procurement, legal, compliance, and security teamsPrepare clear risk reports, executive summaries, and dashboards for senior managementTeam LeadershipReview and quality-check assessments performed by consultants/senior consultantsProvide mentoring, guidance, and technical oversight to junior team membersEnsure adherence to SLAs, timelines, and quality standardsRequired Skills & Experience6+ years of experience in TPRA / TPRM / Vendor Risk / GRC / Cyber RiskStrong hands-on experience with third-party/vendor risk assessmentsSolid understanding of ISO 27001, SOC 2, NIST, PCI DSS, GDPR, DPDPAExperience reviewing security controls, policies, procedures, and audit reportsExcellent communication skills for US client interactionsComfortable working independently in a remote, US-shift environmentCertifications (Preferred)CISA, CISM, CISSP, CRISC, ISO 27001 LA/LI (any relevant certification is an advantage)Additional DetailsRemote role within IndiaUS time zone alignment is mandatoryImmediate to early joiners preferred

Apply Now