Third-Party Risk Management - Senior Analyst

About Broadridge:

Broadridge Financial Solutions Inc. (NYSE: BR) is a global Fintech leader with over 14,000 associates providing technology-driven solutions that power the financial services industry. We deliver industry-leading business process, technology platforms, data solutions, and communications to banks, broker-dealers, asset and wealth managers, and corporates worldwide.

We help our clients get ahead of today’s challenges and capitalize on what’s next with innovative, scalable, and secure solutions built on trusted technology and deep industry expertise.

Position: TPRM Senior process Analyst / Process Lead

Location: Hyderabad

Experience: 3 to 5 years

Department: Risk & Compliance / Information Security

Employment Type: Full-time

Role Overview:

Third-Party Risk Management (TPRM) Lead

This role requires a deep understanding of vendor lifecycle management, risk assessment methodologies, and regulatory compliance. You will collaborate with teams across procurement, compliance, information security, and operational risk functions across multiple geographies, contributing to a mature and efficient TPRM framework.

Key Responsibilities:

A. TPRM Program Management

• Lead the day-to-day operations and continuous improvement of the TPRM program, ensuring alignment with organizational risk appetite and regulatory expectations.
• Develop, maintain, and enforce TPRM policies, standards, and procedures.
• Manage the end-to-end vendor risk lifecycle—from onboarding through offboarding.
• Track remediation activities and collaborate with stakeholders to ensure timely closure of actions.

B. Risk Assessment & Due Diligence

• Conduct and oversee thorough due diligence assessments for new and existing third parties, focusing on security, privacy, resilience, and compliance aspects.
• Evaluate Service Organization Control (SOC) reports (SOC 1, SOC 2, SOC 3) and other assurance documentation to identify control gaps and inherent risks.
• Drive reassessment processes for critical and high-risk vendors based on trigger events or defined frequencies.
• Track and validate remediation of identified risks through corrective action plans.

C. Performance Monitoring & Reporting

• Implement and maintain vendor scorecards and performance metrics for continuous monitoring of third-party risk posture and contractual adherence.
• Prepare and present data-driven reports on TPRM status, high-risk vendors, and key performance indicators to senior management and relevant committees.

D. Incident Management & Response

• Act as the primary point of contact for managing third-party-related security or operational incidents.
• Validate vendor incident management processes and ensure timely and effective resolution of vendor-related disruptions.
• Collaborate with internal SME groups to create and execute action plans for risk mitigation.

E. Knowledge of ProcessUnity (ERP Tool)

• Hands-on experience with

  ProcessUnity

  or similar GRC/TPRM tools is an added advantage but not mandatory.

Required Qualifications

• 3 – 5 years of experience managing Third-Party Risk Management or Vendor Risk programs.
• Strong knowledge of TPRM frameworks, regulatory requirements, and global best practices (e.g., ISO 27001, Shared Assessments, SOA).
• Experience evaluating SOC reports and understanding control objectives and their impact on enterprise risk.
• Capability to execute comprehensive due diligence across multiple risk domains (Information Security, Business Continuity, Compliance, Financial Stability).
• Experience with incident management and crisis response related to third-party events.
• Proven ability to design and interpret vendor scorecards, reports, and key metrics.
• Strong analytical, organizational, and communication skills with demonstrated ability to influence stakeholders and vendors.

Why Join Broadridge

• Innovative Culture:

  Be part of a global technology leader driving digital transformation across financial services.

• Inclusive Environment:

  Collaborate with diverse teams that value integrity, collaboration, and excellence.

• Career Growth:

  Continuous learning, certifications, and advancement opportunities across domains and geographies.

• Impactful Work:

  Contribute directly to secure, resilient vendor ecosystems that protect client trust globally.

• Global Reach:

  Work with cross-functional teams and stakeholders across multiple regions and business lines.