Security architect GRC and TPRM

Number of Openings 1 ECMS ID in sourcing stage 516886 Assignment Duration 12 Months Total Yrs. of Experience 10+experience in the Technology industry. Relevant Yrs. of experience 3+years Security Architecture Experience Experience 3+ years Security Architecture Experience 1+ years focusing on Cloud/SaaS Security. Banking/Finance experience (highly preferred) 3 rd party risk/supplier security management (desirable) Collaborate with cross-functional teams to define security-related processes and contribute by providing inputs to deliver enhanced vendor management, SaaS assurance and monitoring framework. Be a part of the workgroup to identify areas for improvement and process efficiencies. Assess and document existing SaaS applications in line with the enhanced vendor management framework to identify control gaps, security risks, and propose mitigation controls. Assess the source of control gap and provide practical and achievable recommendations to mitigate the risk. Influence domain architecture, business/technology owners to ensure alignment with security requirements. Manage significant decisions with senior management, Technology and Business owners to ensure secure outcomes and appropriate governance practices are adhered to. Proactively managing identified risk of the solutions risk posture within agreed Risk Appetite and ensure compliance. Prepare executive summaries to keep stakeholders informed of progress and seek guidance where and as applicable. Train other team members on the new framework and associated process. Banking/Finance experience (highly preferred) Decision Quality , Strategic Mindset, Situational Adaptability, Self-awareness, Courage, Ensures Accountability Other capabilities (technical) Strong understanding of security principles, including threat modelling, controls and risk assessment Expertise in cloud security, particularly SaaS applications and third-party solutions. Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and other industry best practices. Proven ability to collaborate with diverse teams, including development, operations, and compliance. Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences. Proven experience, strong business engagement , influencing skills with the ability to navigate complex topics with fact-based analysis. Mandatory skills Cloud/SaaS Security , GRC with TPRM Desired/ Secondary skills Group Security Executives and Leadership Teams Strategic Sourcing and Third-Party Risks teams Governance, Risk and Compliance Technology delivery teams / execs Architecture Strategy Advisory Business domain Execs, Product Owners Strong understanding of security principles, including threat modelling, controls and risk assessment Expertise in cloud security, particularly SaaS applications and third-party solutions. Experience with security frameworks and standards such as ISO 27001, NIST Cybersecurity Framework and other industry best practices. Proven ability to collaborate with diverse teams, including development, operations, and compliance. Excellent communication and presentation skills to effectively convey complex technical information to both technical and non-technical audiences. Proven experience, strong business engagement , influencing skills with the ability to navigate complex topics with fact-based analysis. Understand the trade-offs involved in security vs change while simultaneously delivering technical capability business benefit. Domain Security Max Vendor Rate in Per Day (Currency in relevance to work location) 8000 INR Work Location given in ECMS ID Gurgaon Only WFO/WFH/Hybrid WFO Hybrid BG Check (Before OR After onboarding) Before Is there any working in shifts from standard Daylight (to avoid confusions post onboarding) YES/ NO No