Interesting Job Opportunity: Third Party Risk Management Specialist - Information Security

Third-Party Risk Management (TPRM) Specialist

• Experience in TPRM- should be minimum of 3 years
• Total experience: 4 Years
• Experience in Cybersecurity should be there.
• Certification in the relevant area desired (Like ISO 27001 lead auditor, etc)
  

Summary

Key Responsibilities

• Third-Party Risk Assessments :
• Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture.
• Collaborate with various stakeholders to gather relevant information and assess the impact of third- party relationships on the organization.
• Risk Identification and Analysis :
• Identify and analyze potential risks associated with third-party relationships, considering factors such as cybersecurity, data privacy, compliance, and business continuity.
• Evaluate the inherent and residual risks and communicate findings to relevant stakeholders.
• Compliance Management :
• Ensure third-party vendors comply with industry regulations, legal requirements, and organizational policies.
• Stay updated on relevant regulatory changes and communicate the impact on third-party risk management processes.
• Policy Development and Implementation :
• Contribute to the development and enhancement of third-party risk management policies and procedures.
• Implement and enforce risk management frameworks to ensure consistent and effective risk assessments.
• Monitoring and Reporting :
• Establish and maintain ongoing monitoring mechanisms for third-party relationships.
• Generate and provide regular reports on the status of third-party risks, key performance indicators, and mitigation efforts.
• Vendor Due Diligence :
• Conduct due diligence activities, including vendor background checks, financial assessments, and evaluation of their security and privacy practices.
• Collaborate with legal and procurement teams to ensure that contractual agreements include necessary security and compliance clauses.
• Collaboration and Communication:
• Collaborate with internal stakeholders, including IT, legal, compliance, and procurement teams, to ensure a comprehensive approach to third-party risk management.
• Communicate effectively with third-party vendors to address and resolve identified risks.
  

Qualifications

• Bachelor's degree in a related field
• Certification in relevant areas such as ISO27001 will be preferred.