140 Tprm Jobs

In this role at EY, you will be a part of the EY GDS-ServiceNow team where you will work on solving client problems using the ServiceNow platform. You will have the opportunity to work with a high-quality team and develop innovative products to address client needs. **Key Responsibilities:** - Perform configuration and customization of the ServiceNow system, including the creation of workflows. - Build service request fulfillment workflows based on customer requirements using workflows, UI actions, client scripts, and business rules. - Utilize scripting tools and ServiceNow functionality to automate routine tasks. - Execute integrations and process automation using Orchestration, Web Services, SOAP calls, etc. - Gather specifications from business departments and deliver products/releases that meet the presented needs. - Collaborate with business liaisons to generate dashboards, home pages, performance analytics data collectors, and reports. - Analyze user stories and internal procedures to improve system capabilities and automate process workflows. - Conduct system and integration testing with sample and live data. **Skills and Attributes for Success:** - Experience in Integrations with Third-Party tools. - Experience in Playbook implementation. - Integrating with internal and external applications and systems. - Worked on UI Builder and have experience in building custom UI. - Implementation experience in CSM, FSO. - Implementation/knowledge experience in TPRM and IRM. - Knowledge of Dispute Management Systems. **Qualifications Required:** - College degree in a related technology field (Computer, Engineering, Science, etc.) or comparable job experiences. - ServiceNow CSA Certification is a must. - Good to have CIS-CSM certification. - Approximately 2 to 3 years of experience in a development role. - ServiceNow CIS certifications are a plus. In addition to the technical skills, you are expected to have experience with SDLC, TFS, JIRA, or equivalent tools to maintain stories and knowledge about the latest features of ServiceNow. At EY, you will be part of a team that values commercial acumen, technical expertise, and a willingness to learn in a dynamic environment. You will have the opportunity to work with leading businesses globally and be involved in inspiring and meaningful projects. EY offers support, coaching, and feedback from engaging colleagues, opportunities for skill development and career progression, as well as the freedom and flexibility to shape your role according to your preferences. Join EY in building a better working world by contributing to creating new value for clients and society while developing your own skills and knowledge.,

Looking for candidates with hands-on experience in Information Security, particularly in TPRM (Third Party Risk Management), Information Security Consulting, Vendor Management, Third-Party Cyber Risk Assessment, Vendor Risk Assessment, and GRC. Skill set - ISO, SOC2 type2 , Vendor or information security Risk assessments, Operations Resilience, BCP/DR, NIST, GDPR, PCI/DSS, Client Management. Job Location: Bangalore and Notice Period: Immediate to 15 days (only candidates available within this period may apply).

Understanding the requirement to conduct comprehensive information security risk assessment of 3rd party service provider (TPRM) who will provide new services/applications. Plan/ conduct periodic assessment of existing vendors as per organizations Required Candidate profile Provide recommendation on highlighted information security risk,follow ups & track for closure Knowledge & exp in Information security risk standards.SEBI regulatory circulars for TPRM perspective

We are seeking a highly skilled Consultant Finance to join our dynamic team. In this role, you will be responsible for providing expert financial advice to our clients, analyzing financial data, and developing financial strategies to drive business success. Key Responsibilities: Provide financial guidance and advice to clients Analyze financial data and prepare financial reports Develop financial strategies to maximize profits and minimize risk Assist with budgeting, forecasting, and financial planning Collaborate with cross-functional teams to achieve financial goals Qualifications: Bachelor's degree in Finance, Accounting, or related field Proven experience as a Financial Consultant or similar role Strong knowledge of financial analysis, forecasting, and budgeting Excellent communication and interpersonal skills Ability to work independently and collaboratively in a team environment Benefits: Competitive salary Health, dental, and vision insurance 401(k) retirement plan Paid time off and holidays Career development and advancement opportunities If you are a motivated and experienced finance professional looking to make an impact, we want to hear from you. Apply now to join our team as a Consultant Finance!

Walk In Drive-12th and 13th Sept Timings-10AM- 1PM Kindly carry 2 copies of CV Experience with excellent communication, Inter Personal Skills and Critical Thinking Skill set Risk and Compliance (Operational Risk Management, Sub Contractor Risk management/ Third Party Risk Management) and 3prm- third part relationship mgmt 2nd Line of defense (LOD -2) Domain - Banking (Onboarding Experience) (No Domestic or Individual Banking) Recommended Profile - Coperate Banking, Investment Banking with IB with Vendor Onboarding Experience - Excluding KYC onboarding experience TARGETTED COMPANIES : BNP PARIBAS, BNY MELLON, WELLS FARGO, BARCLAYS, NATWEST/RBS, BANK OF AMERICA, STATE STREET, STANDARD CHARTERED BANK (CDD- Entity Onboarding Profiles) Contact Person- Shiva Priya Nikhil Somina-somina.adlakha@hcltech.com

Role Overview: As part of the First Line of Defence (1LoD) Group Third Party Assurance Services (3PAS) team at LSEG, you will be responsible for providing Third Party Risk Management (TPRM) services and expertise to embed the TPRM policy and operationalize the process. Your role will involve collaborating with the Third Party Risk Officer (TPRO) Director and working closely with senior management to ensure robust management of risks associated with third parties. TPRM is a relatively new field for LSEG, and you will play a key role in advancing the TPRM approach within the organization, bringing autonomy, variety, and opportunities for development. Key Responsibilities: - Establish positive relationships and provide guidance to divisional/functional TPRM leads, Accountable Executives, COOs, and CROs to ensure consistent adoption of the Group TPRM framework - Partner with key collaborators to align the framework with relevant policies and support the continual development and maturity of the 1LoD TPRM framework - Lead the execution of resilience-related projects and initiatives, such as developing the Service Delivery Management approach and automating due diligence through Artificial Intelligence (AI) - Support TPRM communications and training delivery to a wide partner group, including the monthly TPRM Working Group, to drive efficient process execution and understanding of roles and responsibilities - Liaise with Group Procurement to ensure key TPRM process steps are followed, including completion of the Inherent Risk Questionnaire (IRQ) and due diligence processes - Collaborate with other 3PAS teams to ensure alignment of process execution to the framework and automate reporting requirements Qualifications Required: - Experience operating at Manager level within a firm, developing and implementing TPRM systems and processes - Knowledge of TPRM and operational resilience global regulatory requirements - Understanding of various risk types incorporated into a mature TPRM process, including cyber, data, business continuity management, and HR - Strong analytical skills and ability to drive continuous improvement and risk-based decision-making culture - Excellent interpersonal and communication skills, with the ability to influence senior partners and drive change effectively Additional Company Details (if present): LSEG is a leading global financial markets infrastructure and data provider with a purpose of driving financial stability, empowering economies, and enabling sustainable growth. The organization values integrity, partnership, excellence, and change, guiding interactions with employees, partners, and customers. LSEG offers a collaborative and creative culture, committed to sustainability and supporting community groups through the LSEG Foundation. The company provides tailored benefits and support, including healthcare, retirement planning, and wellbeing initiatives.,

Freelancing Opportunity (Project Based), Exp in ISO27001,TPRM , Vendor Risk Management/Assessment, SSAE security audits, Cybersecurity reviews, ITGC,& IT Application Audits, Good understanding of internal controls, risk management, & ISMS frameworks.

Job Title :ISO 27001 Lead Auditor Company:CyberAssure www.cyberassure.one Years of Experience: 4-5years min.2yrs relevant exp. Location:Sohna Road, Gurgaon, Sector 49 Package:open , no bar Work Mode: Work From Office Joining time-: Immediate - 30 days About Us: We are a fast-growing, innovative organisation in the cybersecurity industry, committed to providing cutting-edge solutions for our clients. As part of this role, the selected professional will be deployed on client assignments to lead audits, provide consulting, and support end-to-end ISO 27001 implementation and compliance requirements. Job Overview: We're seeking an experienced ISO 27001 Lead Auditor to manage and conduct audits of client Information Security Management Systems (ISMS) based on ISO 27001 standards. The successful candidate will have excellent knowledge of information security principles, risk management, and auditing best practices, and will handle end-to-end audit processes for client organisations. Key Responsibilities: Audit Planning and Execution: נDevelop and implement audit plans, procedures, and schedules to ensure compliance with ISO 27001 standards נConduct audits to evaluate the effectiveness of the ISMS and identify areas for improvement Audit Reporting and Follow-up: נPrepare and present audit reports to client management, highlighting findings, recommendations, and non-conformities נVerify the implementation of corrective actions and ensure closure of audit findings Leadership and Client Engagement: נLead audits independently or with teams at client locations נProvide consulting support to clients for audit readiness and compliance improvements Risk Management and Compliance: נEnsure client ISMS aligns with ISO 27001 standards and applicable regulatory requirements נIdentify and assess information security risks, recommending appropriate controls and mitigations Requirements : * Education: Bachelor's degree in Computer Science, Information Technology, or related field * Certifications: ISO 27001 Lead Auditor certification (PECB or equivalent) * Experience : 4-5 years of experience in information security, auditing, or a related field, with at least 2 years in a lead auditor role Skills: Strong knowledge of ISO 27001 standards, information security principles, and risk management Excellent communication, leadership, and client-facing skills Ability to analyse complex information security issues and provide practical recommendations Knowledge of Third Party Risk Management frameworks, industry standards, and regulatory requirements Experience with Vendor Risk Management platforms is an added advantage Regards, Rajesh Kumar Aayam Consultants 110 A, K-pocket, Sheikh Sarai II, New Delhi - 110017 Cell - 9311232179/7011595674 Email- [HIDDEN TEXT]

Position: Senior Service now Developer Work Mode: Hybrid Location: Pan India Primary Skills: (Service New TPRM Module, GRC, IRM)- in combination if possible; Secops, (ITOM, CMDB, Service Mapping)- comination if possible

EY GDS Consulting - Financial Services Third-Party Risk Management (FS TPRM) Senior As part of our EY- FS TPRM team, you will help clients enhance their business performance by translating their strategies into realities. Working with EY-high performing teams, you will help clients to grow, innovate, protect, and optimize their business performance. The opportunity Were looking for Seniors with expertise in Third-Party Risk Management to join the leadership group of our EY- FS TPRM team . It is a fantastic opportunity to be part of a leading firm while being instrumental in the growth of a new service offering. Your key responsibilities Lead and work closely with the manager in the delivery of Third-Party Risk Management (TPRM) engagements. Lead the design and implementation of TPRM operating models, identifying, evaluating, and providing solutions to evaluate complex business and technology risks. Follow policies and procedures that support the successful implementation of TPRM operating models. Facilitate process walkthrough discussions to document end-to-end business processes and functional requirements. Assess the application of legal and regulatory requirements to clients TPRM practices. Lead/Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes. Assist in the selection and tailoring of approaches, methods, and tools to support service offering or industry projects. Demonstrate a general knowledge of market trends, competitor activities, EY products, and service lines. Build and nurture positive working relationships with clients to achieve exceptional client service. Contribute to Identifying opportunities to improve engagement profitability. Assist leadership in driving business development initiatives and account management. Participate in building strong internal relationships within EY Consulting Services and with other services across the organization. Skills and attributes for success Maintain an educational program to develop personal skills continually. Constantly upskilling as per market trends. Understand and follow workplace policies and procedures. Attend L&D programs and exhibit a thorough knowledge of consulting methodology and consulting attributes. Exhibit initiative and participate in corporate social and team events. To qualify for the role, you must have 3 to 6 years of demonstrated experience with Risk Management across the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting) and an understanding of the associated organizational infrastructure (e.g., relevant internal controls, business processes, governance structures). Strong understanding of the TPRM framework, Risk Management, Information Security practices. Demonstrate a good understanding of the Contract Risk Review management process. Hands-on exposure to TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.). Demonstrated knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc. Good knowledge of privacy regulations such as GDPR, CCPA, etc. Good knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc. Good knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management. Good knowledge of OS (Windows / Linux) security, Database security, IT infrastructure (switches, routers, firewalls, IDS, IPS, etc.), Security architecture design, and review. Good familiarity with OWASP, and Secure SDLC standards/frameworks, anti-virus solutions (e.g., Symantec, McAfee, etc.). Good experience in LAN/WAN architectures and reviews. Good knowledge of incident management, disaster recovery, and business continuity management, cryptography. Good to have prior Big-4 experience. Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer Ideally, you’ll also have Project Management skills. Exposure to tools like Process Unity, ServiceNow, Archer. What we look for A Team of people with enthusiasm to develop new skills and knowledge and experience to succeed and inquisitiveness to learn new things in this fast-moving environment. Actively tracks and communicates engagement performance and planning to EY engagement management, ensuring project milestones remain on track and are completed timely. Actively mentors and trains team members on Third-Party Risk Management processes, governance, and frameworks. Works cross-functionally with team members to support and drive a collaborative team environment. Creates and design effective presentations as a means for communicating project and deliverable progress to clients. Performs sophisticated data analyses to understand client s business and identify risk Executes advanced services and supervise staff in delivering essential services. Understands client s business environment and basic risk management approaches Actively participates in decision making with engagement management and seek to understand the broader impact of current decisions. Actively contributes to improving operational efficiency on projects & internal initiatives. What working at EY offers At EY, we’re dedicated to helping our clients, from the startups to Fortune 500 companies — and the work we do with them is as varied as they are. You get to work with inspiring and meaningful projects. Our focus is on education and coaching alongside practical experience to ensure your personal development. We value our employees, and you will be able to control your progress with an individual progression plan. You will quickly grow into a responsible role with challenging and stimulating assignments. Moreover, you will be part of an interdisciplinary environment that emphasizes high quality and knowledge exchange. Plus, we offer: Support, coaching, and feedback from some of the most engaging colleagues around Opportunities to develop new skills and progress your career The freedom and flexibility to handle your role in a way that’s right for you

Technical Skill Requirements: Expertise in IT internal audit, Information Security/cybersecurity, IT SOX, Third Part Risk Assessment Reporting e.g., SOC1, SOC 2. Relevant expertise on CSA STAR requirements, ISO control, NIST Standards, PCI DSS and GDPR requirements. Experience in performing control testing, IT / infosec risk assessments, network security, Infrastructure assessments. Knowledge of technical domains such as cloud security and application security. Certification: CISA, CISSP, CEH, ISO, PCI DSS, NIST

Roles& Responsibility Develop and implement security policies, procedures, and controls to mitigate identified risks and ensure vendor compliance with organizational standards. Conduct thorough risk assessments of potential and existing third-party vendors to identify potential vulnerabilities and threats. Continuously monitor the vendor performance, including adherence to contractual agreements and security controls, and taking corrective action when necessary. Administer & Coordinate with the functional stakeholders for smooth implementation and monitoring of Risk & compliance systems Review, maintain and continual improvement of Risk Management requirements as per Omega Healthcare Standards and industry wide best practices. Serve as Internal Risk management consultant to the organization. Responsible for security planning and effectively managing information security and operation risk risks within the operating environment. Initiate, facilitate, and promote activities to create Risk Management awareness within the organization. Facilitate cross functional department SPOC to review their Policies and procedures document and other Risk and Compliance activities Provide regular updates to management on the status of third-party risk and communicate potential risks and mitigation strategies to relevant stakeholders. Warrant appropriate methodologies for various processes of Compliance systems, e.g., risk assessment, risk treatment, document classification, etc. Develop engaging content and maintain communication channels to create and conduct Information Security Awareness training and event Develop the event strategy, calendar, manage event logistics and budget. Coordinate with other departments and stakeholders, analyse event effectiveness and identify areas for improvement Need to have exposure to Client Questionnaire, Vendor Risk Assessment, RFP/RFI Qualification : Any graduate with good communication skills Overall IT experience of 5 to 10 years, with a minimum of 7 years in IT Security, Audit, or Compliance roles. Strong understanding of risk management principles and practices. Experience with conducting risk assessments and developing security policies. Ability to work independently and as part of a team. Proficiency in relevant software and tools (e.g., TPRM platforms, GRC tools) Experience of regulations/standards/frameworks like ISO 27001, 9001, HIPAA, HITRUST, HITECH, SOC1/2, NIST, PCI-DSS etc. Certifications like ISO 27001, CISA, CISM, CRISC, PCI-DSS is an advantag

Job Description Summary The Third-Party Risk Management (TPRM) team seeks a proactive and experienced Cyber Investigator to lead and enhance the TPRM program. The ideal candidate will possess strong organizational, prioritization, and risk assessment skills, with the ability to work independently and collaboratively to drive program success. This role requires expertise in third-party risk management processes, supplier engagement, and remediation efforts, as well as the ability to effectively collaborate with internal stakeholders and escalate issues when necessary. Role Overview Manage and prioritize TPRM workflow queues, ensuring timely completion of assessments and adherence to Work-in-Progress (WIP) standards. Conduct thorough risk evaluations, guide suppliers on remediation efforts, and ensure proper closure of assessments. Partner with internal teams, including procurement, compliance, and IT security, to align on risk management strategies and ensure seamless communication across functions. Identify and escalate overdue assessments or unresolved supplier issues to appropriate stakeholders, ensuring prompt resolution and adherence to service-level agreements (SLAs). Identify and implement innovative solutions to enhance TPRM processes and governance frameworks. Communicate effectively with suppliers to resolve findings and ensure compliance with risk management policies. Escalate overdue questionnaires promptly and monitor supplier responses to ensure timely resolution. Actively participate in team meetings and huddles, providing constructive feedback to improve the TPRM program. Stay updated on industry-standard risk management methodologies (e.g., NIST, ISO, CIS Controls) and IT security principles The Ideal Candidate Ideal candidate should have experience in Cyber Investigator to lead and enhance the TPRM program. Required Qualifications Bachelor's Degree in Computer Science or STEM Majors (Science, Technology, Engineering and Math) with 5+Years experience. Experience in data security discipline Advanced knowledge of risk management frameworks, IT security, and infrastructure vulnerabilities. Preferred Qualifications Ability to analyze data and identify risks effectively. Strong ability to prioritize tasks, meet target goals, and work independently with minimal supervision. Exceptional critical thinking and analytical skills to address complex challenges and drive results. Clear and concise communication with suppliers, team members, and stakeholders at all levels. Demonstrates initiative, influences others, and fosters a collaborative team environment. Proven track record of managing and executing short-term and long-term projects successfully. Familiarity with third-party risk management tools and technologies. Ability to adapt to new technologies and drive their implementation within the GE environment. Strong interpersonal skills to build relationships with internal stakeholders and suppliers

Join our dynamic team as an IT Auditor, where you'll assess IT controls, cybersecurity, and regulatory compliance across diverse environments. This role offers hands-on experience with audits, vendor assessments, and frameworks like ISO 27001, GDPR, and SEBI/RBI guidelines. A great opportunity for tech-savvy professionals looking to grow in IT risk and audit. What You'll Do: Assist in planning and executing IT audits, including risk assessments and control evaluations. Review and test IT general controls (ITGC) and application controls. Support cybersecurity and data protection audits in line with organizational policies. Perform vendor audits to assess third-party compliance with contractual, security, and regulatory requirements. Document audit workpapers, findings, and recommendations in a clear, concise manner. Assist in compliance reviews (e.g., ISO 27001, GDPR, SOX, PCI-DSS). Conduct audits for compliance with Indian regulatory frameworks such as SEBI, IRDAI, and RBI guidelines where applicable. Perform follow-up audits to verify the implementation of remediation actions. Collaborate with IT, security, procurement, and business teams to understand processes and risks. Stay updated on emerging IT risks, cybersecurity threats, and audit best practices. What Were Looking For: Basic understanding of IT infrastructure (networks, servers, databases, cloud environments). Knowledge of information security principles and frameworks (e.g., COBIT, NIST, ISO 27001). Familiarity with vendor risk management and third-party security assessments. Understanding of Indian regulatory requirements and guidelines from SEBI, IRDAI, and RBI. Proficient in Microsoft office and basic audit tools. Bachelors degree in Information Technology, Computer Science, Information Systems, or a related field. Preferred: Working towards or interested in certifications such as CISA, CompTIA Security+, or ISO 27001 Lead Auditor. About Kissht: Kissht, a Great Place to Work certified organization, is a consumer-first credit app that is transforming the landscape of consumer credit. As one of the fastest-growing and most respected FinTech companies, Kissht is a pioneer in data and machine-based lending. With over 15 million customers, including 40% from tier 2 cities and beyond, we offer both short and long-term loans for personal consumption, business needs, and recurring expenses. Founded by Ranvir and Krishnan, alumni of IIT and IIM, and backed by renowned investors like Endiya Partners, the Brunei Investment Authority, and the Singapore Government, Kissht is synonymous with excellence in the industry. Join us and be a part of a dynamic, innovative company that is changing the future of financial technology.

Role & responsibilities Milestone Technologies is seeking a Lead Technical Business System Analyst with strong network skills to join our partners Digital Technology and Innovation function, working in the Partner Services Team within Cybersecurity Digital Trust office supporting end-user technologies. In this key role, you will be responsible for in depth gathering, developing and maintaining business and technical requirements to assist with migrating our clients partner from VPNs to virtual secure solutions. Responsible for ensuring the business requirements are fully gathered, documented and aligned with functional digital profile builds, identity management, application architecture details, etc. You will be working on high visibility projects and play a key role to delivering on Digital Technology and Innovation initiatives. You will work with global and functional area business/technical teams, system and project owners, and External Business Partners while serving a technical solution SME. CDT B2B Enablement and Partner Services are responsible for the design, development, delivery, governance, and life cycle of clients messaging and collaboration technologies. The team consists of cross-disciplinary IS professionals who understand how to deliver services that span both infrastructure and applications. Key duties for the B2B Technical/Business Analyst include : Knowledge of industry regulations, standards, business principles and information system technology Maintain progress on key initiatives and drive project milestones to completion Facilitating communication between business unit(s) and IT from initial requirements to final implementation Communicate directly with cross-functional team members/leads to confirm requirements and clarify business objectives/task Take ownership of relevant requirements issues and coordinate through to completion Document functional digital profiles based on least privilege principle Interact with multiple cross-functional areas to understand and develop joint roadmaps/strategies Log tickets for required changes and track progress through ServiceNow as also DevOPs and System Development Lifecycles processes Independently identify, document and escalate complex, break-fix issues and track to resolution Provide clear documentation for delivered solutions and processes, integrating documentation with the appropriate repositories and informing corporate stakeholders Implement solutions for external clients based on functional specification and capabilities Identify and flag tech security gaps in system level access Interact with Information Security, Identity and Access Management, teams to ensure solutions are scalable, secure, and optimized to protect client information Perform hands-on technical work and deliver readiness training to external business partners Monitor approval queue in ServiceNow Maintain knowledge of IS quality and compliance policies, SOPs and associated documents Applies analytical skills to evaluate and interpret complex situations/problems using multiple sources of information Preferred candidate profile

A Third Party Technology Assurance Lead plays a critical role in safeguarding an organisations technology landscape by managing and assessing the risks associated with third-party vendors and service providers. The Lead proactively analyses, monitors, and assures the compliance, security, and operational effectiveness of external technology services upon which the organisation relies. This position is vital in a world where organisations increasingly depend on external partners for software, cloud infrastructure, and data processing, making assurance and oversight of third parties a top priority for operational resilience and regulatory compliance. Key Responsibilities Third Party Risk Assessments: Conduct comprehensive risk assessments of third party technology vendors and service providers. Evaluate security postures, technical controls, and compliance with organisational and regulatory requirements before onboarding and throughout the partnership lifecycle. Due Diligence Activities: Lead and support due diligence efforts by gathering, reviewing, and analysing documentation such as SOC1/SOC2 reports, ISO certifications, data protection agreements, GDPR and other compliance artefacts. Ongoing Monitoring: Continuously monitor third party technology services for changes in risk profile, compliance status, or incidents. Maintain updated records and risk ratings, and ensure periodic re-assessment in line with organisational policies. Vendor Risk Scoring & Reporting: Develop and update risk scoring models for technology vendors. Produce regular management reports and dashboards highlighting risk trends, non-conformities, and remediation progress. Incident Management: Participate in the identification, escalation, and remediation of incidents involving third party technology services. Coordinate with internal stakeholders to ensure effective response and lessons learned. Contractual Control Reviews: Review and advise on contract terms with technology vendors, ensuring that security, confidentiality, and compliance clauses are embedded and enforceable. Policy & Framework Development: Contribute to the development, maintenance, and enhancement of third-party risk management policies, standards, and guidelines aligned with best practices (e.g., NIST, ISO 27001) Stakeholder Engagement: Work closely with procurement, legal, information security, compliance, and business teams to build awareness and understanding of third-party risks and controls. Audit Preparation & Support: Assist in the preparation for internal and external audits related to third-party technology risk. Provide evidence, documentation, and subject matter expertise as required. Market Intelligence: Stay current with emerging risks, regulatory changes, and best practices in third-party technology risk and assurance. Required Skills and Qualifications Education: Bachelors degree in Information Technology, Cybersecurity, Computer Science, Risk Management, or related field. Professional certifications (e.g., CISA, CISM, CRISC, CISSP) are highly desirable. Experience: 10+ years of experience in technology risk management, third party security assessments, or audit/assurance roles, preferably within financial services, healthcare, or other regulated industries. Technical Knowledge: Understanding of IT infrastructure, cloud architectures, SaaS platforms, and data protection frameworks. Familiarity with common security controls and risk management methodologies. Regulatory Awareness: Solid knowledge of relevant regulations and standards (e.g., GDPR, HIPAA, SOX, PCI DSS, NIST, ISO 27001). Analytical & Problem Solving: Strong analytical skills to identify, assess, and mitigate complex technology risks. Ability to evaluate large amounts of information and make informed recommendations. Communication: Excellent verbal and written communication skills for preparing reports, presenting findings, and influencing stakeholders at all organisational levels. Organisational Skills: Demonstrated ability to manage multiple priorities, meet deadlines, and adapt in a fast-paced environment. Attention to Detail: High degree of accuracy and attention to detail in reviewing documentation and risk artefacts. Collaboration: Effective team player with a proactive approach to cross-functional projects and initiatives. Continuous Learning: Eagerness to stay abreast of technological advancements, threat landscapes, and evolving assurance techniques. Desirable Skills and Competencies Automation and Tooling: Experience with third-party risk management platforms, GRC (Governance, Risk, and Compliance) tools, and automation of risk assessment processes. Project Management: Familiarity with project management methodologies and the ability to drive assurance initiatives from inception to completion. Innovation: Ability to recommend and implement process improvements to increase the efficiency and effectiveness of third-party risk management activities. Negotiation: Confidence in negotiating with vendors to achieve favourable assurance and compliance terms. Presentation Skills: Experience delivering risk-related findings and assurance updates to senior management, boards, or external regulators.

Job Summary* The Third Party Risk Manager is responsible for the oversight and execution of the third party risk management (TPRM) framework, ensuring all external vendor and partner relationships are assessed, monitored and managed in alignment with organisational risk appetite and regulatory requirements. The role requires expertise in risk and control environment, particularly within technology and cyber security domain. Key responsibilities: Managed the end to end third party risk lifecycle, including onboarding due diligence, risk assessment, contract reviews, continuous monitoring and offboarding. Ensure third party engagements operate within established risk tolerance and comply with internal policies and external regulatory obligations. Provide subject matter expertise on third party risk, advising stakeholders across business and recommending practical risk mitigation strategies. Partner with Control Owners (SCM) to define and maintain risk management metrics, dashboards, and reporting mechanisms to measure and monitor third party risk exposure. Support internal and external audits as well as regulatory review by providing documentation, analysis and evidence of TPRM program activities. Have detailed understanding of technology and third-party regulatory landscape. Experience with Risk and Control and/or Audit background would be beneficial. Responsibilities* Strategy* Subject matter expert on Technology Resilience, Third Party Risk Management, IT Continuity Management, as well as Contingency and Disaster Recovery Assess the overall effectiveness of TPCP Testing strategy for Material Technology Arrangements, Support the implementation internal procedures and training which support the (TPCP) Testing and exercising strategy for Material Tech Arrangements where applicable. Support the planning, coordination, and facilitation of the simulated test exercises, ensuring alignment across the various Stakeholder Groups. Support internal and external progress reporting requirements on TPCP Testing for Material Technology Arrangements. Build relationships with a wide range of senior stakeholders to deliver against the strategies and processes that underpin the TPCP Testing & Exercising strategy. Business* Have the knowledge and confidence to apply critical thinking to make the necessary decisions to progress and at the same time, understand the limits of his/her responsibility and expertise and know when to solicit decisions from other members of the team. Liaise with contract managers across Technology & Architecture and CIOs regarding third party risk and controls compliance. Build strong relationships with internal and external partners to enhance risk management efforts. Processes* Check test or exercise frequency requirements as part of the TPCP annual review. Recording of scheduled test dates in the Third-Party register Actively take part in all exercises Review exercise outcomes, including any risk escalation. Review and approve any updates to the TPCP. Track any updates to the exercise date in the Third-Party register. Constantly analyse, enhance, and seek to improve testing processes. People & Talent* Always have an eye for Process Improvements and Innovations with an objective to Simplify’, while still maintaining the value delivered. Ensure a cohesive team approach that supports the broader Third-Party Risk Management and Bank wide agenda to build for the long-term Risk Mitigation and Controls* Support the development and implementation of risk mitigation strategies and action plans. Ensure the effectiveness of risk controls and compliance with regulatory requirements. Collaborate with various departments to integrate risk management practices into business processes. Normalise disparate approvals processes to speed up delivery without increasing the risk. Governance* Continuously monitor the third-party risk profile and ensure that risk management activities are being carried out effectively. Reporting on risk exposure and the effectiveness of mitigation efforts to MT and stakeholders Build, manage and maintain relationships with global and regional teams across the bank across the relevant first, second and third line of defence. Conduct periodic reviews, control sample testing, and metrics reporting on third party risk. Identify opportunities for process improvements and implement enhancements. Regulatory & Business Conduct* Display exemplary conduct and live by the Take personal responsibility for embedding the highest standards of ethics, including regulatory and business conduct, across Standard Chartered Bank. This includes understanding and ensuring compliance with, in letter and spirit, all applicable laws, regulations, guidelines and the Group Code of Conduct. Effectively and collaboratively identify, escalate, mitigate, and resolve risk, conduct and compliance matters. Other Responsibilities* Perform other responsibilities assigned under Group, Country, Business or Functional policies and procedures

Risk Management Expert with 6-8 years of experience in 3rd party Risk Assessments. Having ISMS Auditing skills are added advantage. Candidate must be well versed with Risk Assessments performed and not restriciting to checklist assessments. Need thorough knowledge of Information Security. Roles and Responsibilities Experience in conducting Business Impact Analysis and Risk Assessments for third-party companies / third-party applications / i nformation s ystems with b usiness stakeholders. Ability to identify information security risks and provide recommendations, including compensating controls for third-party companies / third-party applications / information systems . Summarize findings and recommendations in the risk report. Experience in communicating with business stakeholders / non-technical stakeholders to explain information security risks and mitigation plan . Review third-party contractual agreements to ensure alignment with internal policies. Conduct audits to verify the compliance to organization security policies / standards. Expertise in cyber security / information security standards / frameworks such as ISO27001, NIST CSF, etc. Experience with TPRM tools such as Archer, OneTrust is an advantage. Experience working with geographically distributed teams . Excellent organizational, presentation & communication skills and ability to handle multiple assessment request and deliverables it within the specific timelines.

8–10 yrs of experience in supporting the execution and continuous improvement of our Technology Risk Management and IT Third-Party Risk Management programs. Exp in Hyperproof /Auditboard /Workiva /OneTrust ,Cybersecurity frameworks and standards

position: Contract to Hire(C2H) Skill: Third-Party Risk Management Experience: 3+ Location: Bang Notice Period: Immediate to 15 Days Job Descrption : General Risk management and Controls management awareness. Internal Controls Testing/ Internal Audit. Understanding of Third-Party Risk Management including Inherent and Residual Risks. Familiarity with the banking products and services including front to back process view especially Third-party risk management would be an added advantage. Familiarity with Computer applications such as Excel, Word, PowerPoint Self-disciplined individual who can analyse complex issues, drive resolution and diligently track progress on the status Candidates who are Interested for above position , please share your Resume to bhargavi.maddela@kiya.ai

Relevant Experience: 8 - 9 Years Location: Noida, Hyderabad, Bangalore, Chennai, Lucknow, Kolkata Work Mode: Hybrid (3 Days Work From Office, 2 Days Work From Home) Shift Timing: 9:30am to 6:30pm Primary Skills: Strong hands-on experience with ServiceNow TPRM (Third Party Risk Management) , GRC (Governance, Risk, and Compliance) , and IRM (Integrated Risk Management) modules Expertise in ServiceNow SecOps (Security Operations), including incident response and threat intelligence Proficiency in ITOM (IT Operations Management) , especially CMDB and Service Mapping Secondary Skills: ServiceNow certifications such as: CSA (Certified System Administrator) CIS-GRC , CIS-SecOps , CIS-ITOM Scripting experience using JavaScript , GlideScript , and Flow Designer Familiarity with REST/SOAP APIs for integrations Understanding of ITIL processes , Agile methodologies , and DevOps practices Roles & Responsibilities: Lead the design, configuration, and implementation of ServiceNow modules including TPRM, GRC, IRM, SecOps, ITOM, CMDB, and Service Mapping. Collaborate with business stakeholders to gather requirements and translate them into scalable ServiceNow solutions. Develop and maintain workflows, business rules, UI policies, and automation scripts to support risk, compliance, and operational processes. Ensure CMDB accuracy and implement service mapping for infrastructure visibility and dependency tracking. Integrate ServiceNow with external systems for data exchange and automation using APIs. Monitor platform performance, troubleshoot issues, and ensure timely resolution. Create dashboards and reports for compliance, risk, and operational metrics. Support platform upgrades, patching, and governance activities. Provide technical guidance and mentorship to junior team members.

Role Service now Developer Experience: 8+years Location: Pan India Hybrid Mode Note: Immediate joiner and serving notice are only preferred Job Description: Service New TPRM Module, GRC, IRM Secops, (ITOM, CMDB, Service Mapping)

Job description Information Governance and GRC Analyst Role Overview The Information Governance GRC Analyst ensures compliance with records management requirements while supporting governance and risk processes This role manages user access and lifecycle for physical and digital records coordinates annual destruction campaigns and partners with business units and Legal for compliance activities In addition the role supports GRC initiatives such as policy and standards management annual business ownership attestations and basic risk assessments Familiarity with compliance platforms eg OneTrust is helpful but not mandatory Key Responsibilities Records Information Governance 1Administer user access for records platforms onboardingoffboarding permission changes 2Orchestrate the annual records compliance campaign while managing retention schedules and legal holds facilitate disposition of records and maintenance of such records 3Coordinate with vendors for offsite storage shredding and destruction certificates 4Prepare compliance reports and maintain documentation for audits GRC Responsibilities 5Manage the policy and standards lifecycle draft review approval publication 6Facilitate annual business ownership attestations and track compliance metrics 7Assist with risk assessments by collecting evidence and documenting results 8Support exception handling and reporting processes 9Use compliance tools like OneTrust for policy publishing attestations and dashboards Qualifications Experience in records management and information governance physical and digital Should have worked in the GRC or information governance domain for 3 to 5 years Understanding of compliance processes and governance principles Strong organizational and communication skills ability to manage multiple priorities Nice to have familiarity with GRC tools eg OneTrust risk assessment basics or policy management experience Skills Mandatory Skills : One Trust Data Privacy,One Trust GRC,GRC Risk - Third Party Risk Management (TPRM),GRC Risk Assessment,OneTrust Good to Have Skills : One Trust GRC

Who We Are At Kyndryl, we design, build, manage and modernize the mission-critical technology systems that the world depends on every day. So why work at Kyndryl We are always moving forward - always pushing ourselves to go further in our efforts to build a more equitable, inclusive world for our employees, our customers and our communities. The Role Are you passionate about protecting companies from cyber threats Do you want to be part of a team that safeguards the digital assets of cutting-edge organizations Look no further - Kyndryl is seeking a Cybersecurity Specialist to join our team of talented Technical Specialists. As a Cybersecurity Specialist, you will be at the forefront of protecting Kyndryl's customers computer systems and networks from unauthorized access, use, disclosure, disruption, modification, or destruction. You will use a variety of tools and techniques to defend against a wide range of cyber threats, such as malware, ransomware, phishing attacks, and data breaches. But that's not all - at Kyndryl, you will also have the opportunity to implement new cybersecurity systems and policies to ensure the protection of our customers data and assets. You will monitor and review potential threats from various cybersecurity systems and conduct proof-of-concepts (POCs) with new cyber security software to evaluate its effectiveness and potential integration into the organization's systems. Not only will you be responsible for ensuring the security of Kyndryl's customers network and systems, but you will also enrich the organization's knowledge towards potential cyber threats and best practices. You will provide automation scripts for threat hunting in customer environments using lessons learned from Cyber-attacks. You will also have the opportunity to conduct penetration testing and threat and vulnerability assessments of applications, operating systems, and networks, responding to cybersecurity breaches and identifying intrusions. You will research and evaluate cybersecurity threats and perform root cause analysis, all while assisting in the creation and implementation of security solutions. Additionally, you will have the opportunity to work in the area of security innovation, creating and experimenting with outside the box ideas that could change the trajectory of cyber security. This is a unique opportunity to work with cutting-edge technology, be part of a dynamic team, and make a significant impact in the world of cybersecurity. If you're up for the challenge, apply now to join Kyndryl's cybersecurity team! Your Future at Kyndryl Every position at Kyndryl offers a way forward to grow your career. We have opportunities that you won't find anywhere else, including hands-on experience, learning opportunities, and the chance to certify in all four major platforms. Whether you want to broaden your knowledge base or narrow your scope and specialize in a specific sector, you can find your opportunity here. Who You Are You're good at what you do and possess the required experience to prove it. However, equally as important - you have a growth mindset keen to drive your own personal and professional development. You are customer-focused - someone who prioritizes customer success in their work. And finally, you're open and borderless - naturally inclusive in how you work with others. Required Skills and Experience: Having 5 + years of exp in AppSec & TPRM Lead Own and govern the end-to-end Vulnerability Management (VM) program Ensure DevSecOps integration completeness across SAST, DAST, SCA, CSPM, and Infra tools for automating security assessments in DevOps pipelines Track remediation SLA adherence, escalate overdue issues, and align with stakeholders Review and report weekly/monthly dashboards covering risk trends, SLAs, and exceptions Oversee secure SDLC enforcement and continuous improvement of security processes Preferred Skills and Experience: Facilitate TPRM alignment and integration into the broader VM landscape Lead cross-functional coordination, metrics-driven governance, and knowledge sharing Perform thread modelling for new applications Being You Diversity is a whole lot more than what we look like or where we come from, it's how we think and who we are. We welcome people of all cultures, backgrounds, and experiences. But we're not doing it single-handily: Our Kyndryl Inclusion Networks are only one of many ways we create a workplace where all Kyndryls can find and provide support and advice. This dedication to welcoming everyone into our company means that Kyndryl gives you - and everyone next to you - the ability to bring your whole self to work, individually and collectively, and support the activation of our equitable culture. That's the Kyndryl Way. What You Can Expect With state-of-the-art resources and Fortune 100 clients, every day is an opportunity to innovate, build new capabilities, new relationships, new processes, and new value. Kyndryl cares about your well-being and prides itself on offering benefits that give you choice, reflect the diversity of our employees and support you and your family through the moments that matter - wherever you are in your life journey. Our employee learningprograms give you access to the best learning in the industry to receive certifications, includingMicrosoft, Google, Amazon, Skillsoft, and many more. Through our company-wide volunteering and giving platform, you can donate, start fundraisers, volunteer, and search over 2 million non-profit organizations. At Kyndryl, we invest heavily in you, we want you to succeed so that together, we will all succeed. Get Referred! If you know someone that works at Kyndryl, when asked How Did You Hear About Us during the application process, select Employee Referral and enter your contact's Kyndryl email address.

As a ServiceNow Developer at Bangmetric in Noida, India, you will be responsible for designing, developing, and implementing solutions on the ServiceNow platform. Your role will involve collaborating with cross-functional teams to deliver high-quality services, customizing ServiceNow features and modules to meet client needs, troubleshooting and resolving technical issues, as well as providing ongoing support and enhancements to ServiceNow applications. To excel in this role, you must have a minimum of 3 years of experience in ServiceNow development with a strong focus on ITSM implementation. Additionally, it is preferred that you have experience or knowledge in ITOM, SecOps, HAM, SAM, GRC, CSM, TPRM, or other related areas. Holding certifications such as CSA, CIS (in any module) will be advantageous for this position. If you are passionate about working with cutting-edge technologies and have a knack for problem-solving in the realm of ServiceNow, we encourage you to apply and be a part of our dynamic team at Bangmetric. Please note that this job posting was referenced from hirist.tech.,