Third Party Risk Management Specialist - Information Security

Role Overview: As a Third-Party Risk Management (TPRM) Specialist, your primary responsibility will be to assess and manage the risks associated with third-party relationships to safeguard the security, integrity, and compliance of the organization's information and assets. Leveraging your 4 years of experience, including a minimum of 3 years in TPRM, and your expertise in risk management, information security, and cybersecurity, you will play a vital role in evaluating third-party vendors, conducting risk assessments, implementing mitigation strategies, and maintaining monitoring processes effectively. Key Responsibilities: - Conduct thorough assessments of potential and existing third-party vendors to evaluate their security controls, data protection practices, and overall risk posture. - Collaborate with various stakeholders to gather relevant information and assess the impact of third-party relationships on the organization. - Identify and analyze potential risks associated with third-party relationships, considering cybersecurity, data privacy, compliance, and business continuity aspects. - Evaluate inherent and residual risks, and communicate findings to relevant stakeholders. - Ensure third-party vendors adhere to industry regulations, legal requirements, and organizational policies. - Stay updated on regulatory changes and communicate their impact on third-party risk management processes. - Contribute to the development and enhancement of third-party risk management policies, procedures, and frameworks. - Establish and maintain monitoring mechanisms for third-party relationships and generate reports on risk status, key performance indicators, and mitigation efforts. - Conduct due diligence activities, collaborate with legal and procurement teams, and communicate effectively with third-party vendors to address identified risks. Qualification Required: - Bachelor's degree in a related field. - Certifications in relevant areas such as ISO27001 will be preferred. (Note: Any additional details of the company were not found in the provided job description),