TPRM / GRC implementation- Lead

Company: Kiya.ai

Job Title

Location

Preferred Location:

Work Mode

CERTA SaaS Third-Party Risk Management (TPRM) platform

Role Summary

TPRM / GRC Solution Lead

Key Objectives (Outcomes)

1. Deploy an

   AI-enabled due-diligence workflow

   in CERTA (intake scoping assessment review closure) with measurable improvements in cycle time and quality.
2. Integrate CERTA with enterprise systems including

   Ivalua, ServiceNow, Moodys/Orbis (SSoR), UNY, Fusion/Connections, Access Hub, IDIP, Ecovadis

   , and SFTP/identity endpoints.
3. Operationalize

   data migration and AI governance

   (auditability, telemetry, model-risk controls) for TPRM.

Scope & Responsibilities

CERTA Solution Design & Configuration

• Lead solution architecture and configuration for

  CERTA TPRM

  including intake rules, control mapping, dynamic questionnaires, review gates, and closure workflows.
• Configure workflow automation, roles/permissions, approval paths, and exception handling.
• Document configurations, design decisions, and operational procedures.

Integrations & Data Architecture

• Design and implement

  secure integrations

  using REST APIs, webhooks, OAuth2/OIDC, and SFTP.
• Build and manage interfaces with

  Ivalua, ServiceNow, Orbis/SSoR, UNY, Fusion/Connections, Access Hub, IDIP

  , and other enterprise systems.
• Define monitoring, error handling, retries, reconciliation, and operational support models.
• Establish assessment and evidence

  data models, lineage, and traceability

  , aligned with SSoR/UVM standards.

Data Migration & Operational Readiness

• Lead migration of historical assessment data from

  SharePoint and legacy tools

  into CERTA.
• Ensure data quality, usability, and audit readiness post-migration.
• Define and execute

  cutover, hypercare, and stabilization

  activities.

AI-Enabled Due Diligence

• Embed AI-assisted capabilities such as

  prefill, evidence extraction, summarization, and reviewer assistance

  .
• Implement

  model governance, explainability, audit trails, and risk controls

  aligned with enterprise AI standards.

Testing, UAT & Enablement

• Define and execute

  UAT strategy

  , test scripts, regression packs, and defect triage.
• Produce

  runbooks, SOPs, desktop procedures, and training materials

  .
• Enable reporting and dashboards for

  SLA, KPI, and risk metrics

  .

Required Qualifications

• 10+ years

  of experience implementing

  GRC / TPRM platforms

  (CERTA, Archer, ServiceNow GRC, OneTrust, MetricStream, ProcessUnity, etc.).

• 5+ years

  of experience in

  cybersecurity and third-party risk assessments

  (SIG, ISO 27001, SOC 2, NIST CSF, cloud security controls).
• Strong hands-on experience with

  API integrations

  (REST/JSON, OAuth2/OIDC, event-driven integrations, SFTP).
• Experience working in

  regulated financial-services environments

  with audit and compliance requirements.
• Strong stakeholder management skills with the ability to convert

  policy and risk requirements into executable workflows

  .

** Interested candidates drop your resume to saarumathi.r@kiya.ai **