Information Security & Vendor Risk Manager

Work Level

Core

Leadership

Industry Type

Function

Key Skills

Education

Note: This is a requirement for one of the Workassist Hiring Partner.

Role & Responsibilities:

Program Management

• Develop, implement, and continuously enhance the organization’s TPRM framework, policies, procedures, and guidelines.

Risk Assessment & Due Diligence

• Conduct comprehensive end-to-end security assessments of third parties throughout their lifecycle (onboarding, monitoring, and offboarding).
• Perform due diligence reviews of vendors, evaluating security controls, compliance posture, and operational effectiveness.
• Assess and recommend mitigating controls across:
• Network, Server, and Endpoint Security
• Data Protection (PII, Cardholder Data)
• Cloud Security (Azure / AWS / GCP / OCI)
• Encryption and API Security
• Review compliance with standards such as PCI-DSS, PCI-PIN, and PA-DSS as applicable.

Continuous Monitoring

• Establish and manage ongoing processes for periodic assessments and continuous monitoring of third-party security and compliance posture.

Risk Mitigation & Advisory

• Identify potential risks in third-party engagements and recommend effective mitigation strategies.
• Provide expert advisory on security control implementation and data protection in line with security-by-design principles.

Reporting & Stakeholder Engagement

• Lead audit planning, review reports, and present findings on third-party risk posture to senior management.
• Partner with business units on new third-party requirements, ensuring risks are assessed from the start.
• Collaborate with internal teams (Legal, Procurement, IT, CISO, Group Security) for an integrated TPRM approach.
• Support regulatory submissions and compliance requirements, particularly in the digital payments ecosystem.
• Act as a liaison with business partners to ensure compliance and regulatory assurance.

Compliance & Standards

• Ensure all third-party engagements comply with relevant laws, regulations, and industry standards.
• Validate adherence to recognized frameworks such as

  ISO 27001 (ISMS), SOC reports, and NIST Cybersecurity Framework

  .

Company Description

Workassist is an online recruitment and employment solution platform based in Lucknow, India. We provide relevant profiles to employers and connect job seekers with the best opportunities across various industries. With a network of over 10,000+ recruiters, we help employers recruit talented individuals from sectors such as Banking & Finance, Consulting, Sales & Marketing, HR, IT, Operations, and Legal.

We have adapted to the new normal and strive to provide a seamless job search experience for job seekers worldwide. Our goal is to enhance the job seeking experience by leveraging technology and matching job seekers with the right employers.

For a seamless job search experience, visit our website: https://bit.ly/3QBfBU2

(Note: There are many more opportunities apart from this on the portal. Depending on the skills, you can apply for them as well).

So, if you are ready for a new challenge, a great work environment, and an opportunity to take your career to the next level, don't hesitate to apply today. We are waiting for you!