GRC Consultant - Cyber

Job Description

Job Description: TPRM GRC Specialist Location: Mohali Experience: 2+ years Role Overview: We are seeking a dedicated and detail-oriented Third-Party Risk Management (TPRM) Governance, Risk, and Compliance (GRC) Specialist to join our team. The ideal candidate will have hands-on experience in TPRM, GRC processes, and a strong understanding of risk management frameworks. This role is essential in ensuring that our organization’s third-party relationships are compliant with internal policies and external regulations, mitigating potential risks. Key Responsibilities: Assist in managing the third-party risk management lifecycle, including identifying, assessing, and mitigating risks associated with third-party relationships. Support the development and implementation of TPRM policies and procedures. Conduct risk assessments of third-party vendors, evaluating their security, compliance, and operational capabilities. Maintain and update the third-party risk register and ensure it is aligned with the organization’s risk management framework. Assist in developing and delivering risk reporting to key stakeholders, including senior leadership. Work closely with cross-functional teams, including legal, compliance, procurement, and IT security, to ensure comprehensive risk management across third-party relationships. Monitor and review third-party contracts and service level agreements (SLAs) to ensure compliance with organizational policies. Participate in internal and external audits related to third-party risk management. Support the GRC toolset, ensuring effective implementation and use of technology to streamline processes. Provide training and awareness programs to staff on third-party risk management best practices and policies. Skills & Qualifications: 2+ years of experience in TPRM, GRC, risk management, or a related field. Strong understanding of risk management principles, frameworks, and standards (e.g., ISO 27001, NIST, etc.). Experience with GRC tools and platforms (e.g., RSA Archer, MetricStream). Excellent communication skills, with the ability to interact effectively with stakeholders at all levels. Ability to conduct risk assessments and evaluate vendor security/compliance postures. Strong problem-solving skills and attention to detail. Ability to work independently and manage multiple priorities in a fast-paced environment. Knowledge of legal and regulatory requirements related to third-party risk management is a plus. If you have the required experience and are eager to make a significant impact in managing third-party risks, apply today! Show more Show less