Job
Description
We are looking for a highly skilled and experienced Third-Party Risk as a Service (TPRaaS) - Staff to join our team in Bengaluru. The ideal candidate will have 1 to 4 years of experience in Third-Party Risk Management, with expertise in TPRM tools and technology solutions. ### Roles and Responsibility Participate in the delivery of Third-Party Risk Management (TPRM) engagements, including walkthroughs, testing, documentation, and other engagement-related activities. Provide delivery updates during vendor calls and client interactions. Follow policies and procedures to support the successful implementation of TPRM operating models. Assist in process walkthrough discussions to document end-to-end business processes and functional requirements. Contribute to assessing the application of legal and regulatory requirements to clients' TPRM practices. Identify process gaps and propose preventive/corrective actions. Demonstrate interest in developing knowledge of market trends, competitor activities, EY products, and service lines. Adhere strictly to fulfilling project activities to achieve exceptional client service. Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress. Conduct research and assist senior team members in preparing client presentations and information memorandums. Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments. Support management in the preparation of proposals and business development materials. Bring an innovative mindset and analytical thinking capability to enhance service delivery. ### Job Requirements Bachelor's degree in IT/Computer Science, BSc.(IT), BE, MCA from a tier 1 or tier 2 college. 1 to 4 years of demonstrated experience in Risk Management, preferably in Third-Party engagement lifecycle (pre-contracting, contracting, and post-contracting). Basic understanding of the TPRM framework, Risk Management, Information Security practices, and Contract Risk Reviews. Good exposure to TPRM tools and technology solutions, such as GRC enablement solutions (Process Unity, Prevalent, Archer, ServiceNow). Basic knowledge of standards like ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc., and privacy regulations like GDPR, CCPA, etc. Basic knowledge of TCP/IP, OSI layer, networking, security concepts, Physical & Environmental Security, Asset Security, and Identity & Access Management. Good to have certifications: CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer. Exposure to tools like ProcessUnity, ServiceNow, Archer is desirable.
