140 Tprm Jobs - Page 5

Job description KPMG Advisory professionals provide advice and assistance to enable companies, intermediaries, and public sector bodies to mitigate risk, improve performance, and create value. KPMG firms provide a wide range of Risk Advisory and Financial Advisory Services that can help clients respond to immediate needs as well as put in place the strategies for the longer term. Role detail 4 to 8 years of experience in assurance, information security, vendor/ supplier/ third party risk assessment Expertise in cyber security including standards such as ISO27001, PCI-DSS, ISO22301, privacy etc. Knowledge of technical domains such as network security, cloud security, application security, control testing Knowledge of concepts such as vendor risk profiling, country risk assessment, outsourcing/ technology regulations Experience in assessing emerging technologies such as robotics, IOT, DLT, Social, Mobile etc., Exposure to TPRM specific regulations (FED, MAS, OCC, etc.), Exposure in assessing different third parties e.g. Brokers, Exchanges, etc., Worked with TPRM tools, platforms & utilities such as KY3P, TruSight, ServiceNow, OneTrust, CyberGRX, Coupa etc, Strong Auditing skills is desired, experience in IT Compliance, ITGC testing, and Assurance is a plus Strong problem solving and logical approach skills Excellent written and verbal communication skills Consistent display of technical proficiency Ability to work well in teams Willingness to travel within India or abroad for project/assignments. Demonstrate integrity, values, principles, and work ethic and lead by example CISA/ CISSP/ CISM/ISO27001 LA / LI / Cloud security certificates

Proficient in Risk assessment and analysis methodologies Risk management software and tools proficiency Knowledge of regulatory (GDPR,PCI-DSS, Anti-Money Laundering (AML)) requirements and compliance standards. Understanding of insurance principles and coverage. Industry-specific certifications (CRISC, CISM, ISO 27001:LA) Project management expertise. A thorough understanding of: ISO 27001 (Information Security Management) NIST Cybersecurity Framework SOC 1 and SOC 2 Standards

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level:8 + years. Location: Hyderabad / Bengaluru Required skills: 6 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level:5 + years. Location: Hyderabad / Bengaluru Required skills: 4 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Job description The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level: 3+ years. Location: Hyderabad / Bengaluru Required skills: 3 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA

Role: Senior Associate Third Party Risk Management (TPRM) About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won t just imagine the future-you ll create it. About the Job: The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level: 3+ years. Location: Hyderabad / Bengaluru Required skills: 3 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA Additional information (if any): Need to be flexible to provide coverage in US morning hours. Location: IND:KA:Bengaluru / Innovator Building, Itpb, Whitefield Rd - Adm: Intl Tech Park, Innovator Bldg

Role: Senior Associate Third Party Risk Management (TPRM) About the Company: Join AT&T and reimagine the communications and technologies that connect the world. Our Chief Security Office ensures that our assets are safeguarded through truthful transparency, enforce accountability and master cybersecurity to stay ahead of threats. Bring your bold ideas and fearless risk-taking to redefine connectivity and transform how the world shares stories and experiences that matter. When you step into a career with AT&T, you won t just imagine the future-you ll create it. About the Job: The Third-Party Risk Management (TPRM) team is part of Chief Security Office (CSO) and is responsible for working closely with internal teams including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Below are the key responsibilities: Conduct Cybersecurity Assessments: Perform comprehensive security assessments of third-party vendors, including evaluating their security policies, controls, and practices. Identify potential risks and vulnerabilities in vendor environments and provide recommendations for remediation. Risk Analysis and Reporting : Analyze assessment results to determine the level of risk associated with each third-party relationship. Prepare detailed assessment reports and risk summaries for internal stakeholders, including senior management and the TPRM team. Vendor Onboarding and Monitoring: Assist in the onboarding process for new vendors by conducting initial security assessments and ensuring compliance with Supplier Information Security Requirements (SISR). Monitor and re-assess existing vendors periodically to ensure ongoing compliance and address any emerging risks. Collaboration and Communication : Work closely with internal teams, including IT Security, Legal, Compliance, and Procurement, to ensure a unified approach to third-party risk management. Communicate assessment findings and risk mitigation strategies to third-party vendors in a clear and constructive manner. Policy and Procedure Development : Contribute to the development and enhancement of TPRM policies, procedures, and guidelines. Stay up to date with industry best practices, regulatory requirements, and emerging threats to continuously improve the TPRM program. Training and Awareness : Provide training and awareness sessions to internal teams and third-party vendors on cybersecurity best practices and TPRM requirements. Experience Level: 3+ years. Location: Hyderabad / Bengaluru Required skills: 3 years minimum experience in third-party risk management / risk consulting / cyber security assessments. Demonstrated experience in third-party risk management and vendor security assessments. Strong understanding of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, CIS Controls). Good understanding of various third-party risk management frameworks and standards. Proficiency in using security assessment tools and methodologies. Excellent analytical and problem-solving skills. Strong communication and interpersonal skills, with the ability to convey complex security concepts to both technical and non-technical audiences. Detail-oriented with strong organizational and project management skills. Desirable skills: Knowledge of data protection regulations (e.g., GDPR, CCPA) and their impact on third-party risk management. Prior experience with Telecom sector. Relevant certifications such as CISSP, CISM, CRISC, or CISA Additional information (if any): Need to be flexible to provide coverage in US morning hours. Location: IND:KA:Bengaluru / Innovator Building, Itpb, Whitefield Rd - Adm: Intl Tech Park, Innovator Bldg

Functional Responsibilities: Collaborate with business stakeholders to gather and document detailed requirements across risk domains (ABAC, Cybersecurity, Privacy, R&D, EHS, etc.) Translate business needs into functional specifications and user stories Design and validate workflows for risk assessments, approvals, and escalations Support the configuration of front-end questionnaires and logic-based risk triggers Assist in defining KPIs, reporting needs, and audit trail requirements Technical Responsibilities: Implement and configure the ServiceNow Risk Management module Lead or support API integrations with tools such as: OneTrust, Archer, CyberGRX, Security Scorecard Veeva Vault, Rapid Ratings, Ariba, Onit, SharePoint Ensure data mapping, transformation, and validation between systems Support testing (UAT, SIT) and defect resolution Ensure compliance with data privacy, security, and audit requirements

The GRC (Governance, Risk, and Compliance) Cyber Security Consultant is responsible for providing expert guidance and support in the areas of cyber security risk management, compliance, and governance. This role involves working closely with clients to assess their current cyber security posture, identify vulnerabilities and risks, and develop strategies to mitigate those risks. Responsibilities: 1. Assess clients' cyber security framework and identify gaps in compliance 2. Develop and implement comprehensive cyber security policies and procedures 3. Conduct risk assessments to identify potential threats and vulnerabilities 4. Create risk mitigation plans and provide recommendations for improvement 5. Assist clients in achieving compliance with relevant industry standards and regulations 6. Stay up-to-date with the latest cyber security threats, trends, and best practices 7. Provide training and awareness sessions to educate clients on cyber security measures 8. Collaborate with cross-functional teams to ensure alignment on cyber security initiatives 9. Prepare detailed reports on findings, recommendations, and progress updates for clients 10. Participate in client meetings to present findings and provide guidance on cyber security matters

Conduct third party risk assessments in alignment with company security policies and industry standards Perform on site assessments of vendors to identify opportunities for improvement Provide input and aid in the development of policies focused on the security of third party business processes Foster relationships and influence the behavior internal teams and external parties Develop and maintain supplier risk and control monitoring plans, performing monitor activities and analysis of evidence to determine controls are operating effectively Complete monitor and control tasks triggered by supplier Tier and Third Party Interaction Model Collaborate with the line of business stakeholders to deliver year over year cost savings with managed third party relationships Assist in development and execution of category/supplier strategies Partner with internal budget owners to deliver against operating or marketing budgets Partner with appropriate stakeholders on contract negotiations for all managed third party relationships Qualifications for third party risk management: Minimum 4 years of experience developing and maintaining global vendor risk management programs CISSP, CISM, CISA, or CRISC certification preferred Solid understanding of information technology and security solutions Responsible for proper invoice review, reconciliation, and payment Monitor and ensure successful delivery against third party contractual obligations

Designation: Information Security Consultant Job Code: JD2208396 Location: Bangalore Number of Vacancies: 1 Total Experience: minimum 1 year Shift: General Reports to: CTO Qualification: BE/B.tech/Bsc/BCA/M.Tech/ME Certification: ISO 27001:2013 Lead Implementer (preferable) Job Description: IT Security Consultant , with overall 3+ years of professional experience with areas of expertise in Governance Risk & Compliance (GRC), Third Party Risk Management (TPRM), Information Systems Audits including ISO 27001, Data privacy, GDPR, ITGC Assessments, Control testing, Information Security, ISO 27001 Implementation, SOX and SOC 2, IT Risk assessments on application and infrastructure. Information Technology and Information Security Governance and Risk Compliance Implementation across various industries including Banking, Retail, Insurance, Energy, and e-commerce. Expertise in Vendor Management, Issue Management, Compliance Management, Policy Management, Business Continuity and Disaster Recovery& Risk management modules/solutions. Detailed knowledge of international regulations and best practices covering ITIL, COBIT, ISO 27000, SOX, COSO, PCI, HIPAA and NIST 800. Have experience in core ISMS, services focused on SOX, ITGC, COBIT, COSO, ISO 270001, specialized in Governance & Compliance and Internal Audits. Good experience in client interaction with global leaders during requirement specifications and project implementation phases. Performed risk assessments based on industry standards, provided recommendations to management on results of analysis and work closely with other team- members to refine and enhance security controls and reduce organizational risk. Managing GRC and Third-Party Risk Management related engagements. Conducting audit to check the security posture of critical vendors. Performing quality checks for third party risk assessment. Facilitating External and Internal audits for ISO 27001. Identify and assessing areas of significant business risk. Plan and evaluate IT-related technical and organizational measures. Managing and reporting compliance breaches and exposures. Conducting Compliance audits by reviewing SOC2 Type II, Hi-Trust, ISO27001, PCI-DSS reports. Supporting various departments by collecting and coordinating internal compliance data with auditors and various departments. Ensuring complete, accurate, and timely audit information is reported to Management and/or Risk Committees. Qualification Bachelor's degree in computer science (B. Tech, BE, BCA, or MCA), ISO 27001 :2013 LA Preferred, Experience in Audits and Assessments preferably covering ISO 27001, SOC 2 Type 2, GDPR, Client Audit and Privacy Regulations (GDPR) Experience in identifying and remediating threat & vulnerabilities. ***the candidate must have a very good communication skill

#Greetings from IDESABS!! Overall Budget Tracking and Reporting - Publish Budget report (Budget utilization tracking (month-on-month)) (Project budget accountability with Project Manager) - Expense tracking, Expense gaps management, Expense adjustments - Expense validation (planned vs. actual vs. adjusted) - Highlighting discrepancies / over-spends - Risk management (raise, maintain, monitor, and mitigate) for budget Vendor/Supplier Management - Support internal contract management (eg: TPRM) & Legal Clearance process (with PM) - Support for Vendor/Supplier Contracting and e-Memo process - Support for Vendor/Supplier Invoice management (leaves in timesheet, invoices). (PM to review the timesheet entries / activities) also, define and optimize the timesheet review process. Reporting a) WSR/Fortnight meeting with Management - Schedule meeting (and manage logistics) as per project governance plan - Schedule pre-consultations with stakeholders prior to meeting (as required) - Status report draft and publication [co-ordinate with respective PM/DM] - Draft, review and publish minutes of meeting post all status report meetings - Consolidate, assign, and track action item (until closure) with respective PIC b) SteerCo meeting [RSG Management and Project SteerCo] - Schedule meeting (and manage logistics) - Schedule pre-consultations with stakeholders prior to meeting (as required) - SteerCo deck draft and publication [co-ordinate with respective PM] - Draft, review and publish minutes of meeting post all SteerCo meetings - Consolidate, assign, and track action item (until closure) with respective PIC Project Management support and co-ordination a) Support to PMs - Maintain and track RAIDS register and report [co-ordinate with PMs] - Support for maintenance of stakeholder matrix for the project - Support for maintenance of communication plan - Support for new project initiation activities (project set-up, pre-consultation) - Support program manager for financial planning - Support on the Kessai process draft and submit application - Support PMs on Kessai drawdown process, review, and approval (Kessai Planning and approval managed by Prog. Mgr.) - Action tracking for the project and program activities (TO-DO tracker) b) Resource demand management and supply - Manage demand for APH program/project, forecasting and fulfilment - Create and maintenance of resource loading sheet (RLS) - Manage the resource requisition process (i.e. source, set-up interviews) - Management of resource leave management for project resources - Support on vendor resource onboarding process (laptop issuance, ID card, access & logistics)

Dear Applicants, Greetings from Teamware Solutions! Position: Third Party Risk Management Experience: 4-6 Years Location: Mumbai (Apply if you are in western line) Notice Period: Immediate Joiners Interested candidates can apply to the given Email ID: greeshma.t@twsol.com Job Description:- Develop a strong understanding of outsourcing regulatory requirements as they relate to outsourcing and how the Firm must meet those requirements Shepherd Intake Forms through the multiple project phases and ensuring the agreed Service Level Agreements (SLAs) and go live deadlines are met Provide project management support for the entire lifecycle of an engagement, to ensure that all project related deliverables are met (i.e., completion of calls, governance and regulatory requirements, clearance and acknowledgments from control groups, including Compliance, Tax, Legal, BU, etc.), including project status reporting Provide support to ongoing project initiatives Must have skills Third Party Program Engaging and Manage Stakeholder and their Reg. related requirements Vendor Management, Project Management, Stakeholder Management, Supply Management Understanding and some experience of Third Part program Looking for professionalism and maturity. Domain – Investment Banking

Role & responsibilities Skillset : SDLC , TPRM Assessments & Cybersecurity (Major requirements or primary skillset) Strong knowledge of best practice processes and technologies across security domains especially related to identity and access management, network security, logging and monitoring. Knowledge of at least one cloud services platform (Amazon Web Services, Microsoft Azure, Google). Job Description: Security, Risk and Technology Strong knowledge of financial services and insurance industry regulations around security and privacy including the Gramm-Leach-Bliley Act, State Privacy Laws, Health Insurance Portability and Accountability Act (HIPAA), Fair Credit Reporting Act, SEC Rules 17a-3 and 17a-4, and state security breach disclosure notification laws. Ability to relate these regulations back to security controls. Understanding and application of information security standards and best practices including NIST Cybersecurity Framework, ISO 27001-4, CoBIT, Cloud Security Alliance, etc. Ability to identify risks, quantify them, and help recommend and design mitigations. Broad knowledge of Unix, Linux, Windows and mainframe server environments. Knowledge of various database platforms. Strong knowledge of best practice processes and technologies across security domains especially related to identity and access management, network security, logging and monitoring. Knowledge of at least one cloud services platform (Amazon Web Services, Microsoft Azure, Google Cloud or Oracle Cloud) Education / Experience: Security, compliance, audit or risk covering a wide area of technologies and security domains including those previously mentioned. Financial industry or highly regulated industry background (Insurance, Banking, etc.) Project work experience with a recognized security, audit, or risk consulting firm a plus CISSP, CISA, CISM or other security/control certifications a plus. Bachelors degree or higher – preferably in Computer Science, Engineering, or a related scientific fields Communication Excellent verbal and written communication skills Ability to develop and QA/oversee development of high quality project artifacts Ability to collaborate, influence and communicate successfully in different ways concisely to different audiences (i.e., in business terms to business people, in technical terms to technical people) Able to develop and present dashboards Engagement Proven ability to engage with customers (IT and Business) and consultants in a highly professional and competent manner. Understanding and experience with project life cycles using proven methodologies – from analysis through implementation with hands-on deliverable development. Ability to work in a matrix reporting environment A practiced ability to influence peers, customers and project teams to make security minded decisions and changes Ability to scope projects, developing project charters, requirements, documenting issues and work plans, vendor selection, product/process design and implementation, change management/communication a plus.

The Senior Resilience Analyst Third-Party is a versatile and innovative risk professional who can support all aspects of Resilience, including Business Continuity, Disaster Recovery and Corporate Crisis Management. You will be responsible for supporting the implementation of a global, enterprise level and sustainable resilience framework in conjunction with a wide range of business stakeholders. About the Role: As the Senior Resilience Analyst, you will: Define the standard of adequate contingency plans for critical third- parties Wholistically pull the together the internal and external plans in case of third-party disruption Work with critical TR stakeholders to inform them of the Resilience framework and its importance. Will play a critical role in the mapping of vendors against critical operations as part of the operational Resilience Program Work with Third-party risk management team to review and approve Business Continuity and Disaster Recovery clauses Deliver subject matter expertise on resilience control function responsibilities within the Third-party lifecycle activities. Have an in-depth knowledge of Business Impact Analyses and work with key stakeholders to get them completed. Deliver BIA training sessions for process and asset owners to better familiarize them of expectations and requirements. Support the implementation of common resiliency and recovery taxonomies and policies. Identify business processes and then work to ensure they are resilient. Meet KPIs for process identification and BIA completion. Leverage BIA output to design new recovery strategies and refresh existing strategies for maintenance and resumption of operations to meet business requirements. Document the strategic information captured through the BIA within standardized business recovery plan templates to support the execution of strategies and the continuation and recovery of business activities. Work with the other teams in Risk and Compliance to drive efficiencies and risk mitigation capabilities across the Risk and Compliance organization. Work together with Third-Party Risk to identify critical third-party vendors (leveraging BIA output) and begin to co-develop recovery strategies with vendors to support continuity of services. Support the enterprise-wide Crisis Management process and integrate escalation and response protocols into the Resiliency function. About you: A Bachelors degree level in relevant subject (e.g., Business Administration/Management, Economics, Finance, Technology, Innovation) 5+ years in a similar role or any valid combination of education and experience Versatility to understand various and complex subjects to adequately build collaborative, productive and trust-based relationships within the business segments and functions Solid experience in creating, editing, and proofreading executive-level documentation and material Proven ability to take initiative and influence within a matrix organization to achieve results Knowledge of controls in business and technology environments (e.g., SOx) Expert knowledge of MS Office (Word, Excel, PowerPoint) Strong knowledge of GRC tools, specifically Fusion Excellent organizational skills and attention to detail, with the ability to autonomously set and meet deadlines Additional key differentiators would be: Hands-on experience in the design and scaling of a Resilience Framework and enhancing organisational maturity. In depth knowledge of ISO 22301. In depth knowledge of Fusion, including process automation. Technology fluency: Knowledge of PowerBI, Tableau and good understanding of technology concepts such as AI, ML, RPA, and data science.

Understanding the requirement to conduct comprehensive information security risk assessment of 3rd party service provider (TPRM) who will provide new services/applications Plan and conduct periodic assessment of existing vendors as per organizations

Experience: Minimum of 2-4 years of experience in third-party risk management, information security, or audit programs. Experience with Venminder and other TPRM platforms. Preferred certifications include CISSP, CRISC, CISM, CISA, CTPRP, ISO, SSAE Degree in Management, Finance, Business, Computer Science, Information Systems, or a related field. Skills: Knowledge of industry regulations and compliance standards. Ability to conduct thorough risk assessments and develop mitigation strategies. Strong attention to detail and organizational skills. Strong data entry skills. Excellent communication, customer service and interpersonal abilities. Will be interacting with many areas of the business as well as Senior stakeholders. Proficiency in TPRM Platforms, Microsoft Office Suite and/or other systems. Ability to work independently and collaboratively in a team environment. Ability to work quickly and effectively under pressure and time constraints. Strong English communication skills (written and spoken) with ability to explain issues and remedies.

Role & responsibilities About the job At Sanofi we chase the miracles of science to improve peoples lives. We are dedicated to making a positive impact on the lives of the patients and families we serve, and we accomplish our goals through world-class research and with the compassion and commitment of our employees. As we continue to transform the practice of medicine, the next chapter of Sanofis Play to Win strategy will require a focus on delivering transformation and simplification of our core processes, optimizing resource allocation and deployment to fuel business growth and investment in science. To facilitate this transformation, a new Business Operations Business Unit is being established, bringing together existing business service activities, and driving further expansion of centralized services at scale into a global unit, with a focus on driving simplification, efficiency, and productivity. This new Business Unit will enable the delivery of best-in-class business support capabilities across the organization, incorporating and engaging disparate teams from across areas such as R&D, M&S, the Corporate Functions and GBUs into new global Service Delivery Towers with initial services spanning Commercial, Finance, Procurement and People & Culture. Reporting to the Head of Procurement Risk Assurance, the Risk Assurance Analyst plays a critical role in assessing and managing risks. The incumbent supports the development and execution of strategies to ensure sustainable supplier relationships align with Sanofi's business objectives. Responsibilities: Risk Assessment : Conduct vendor risk assessments, ensuring third-party services and products align with internal risk and security policies. Regularly review vendor performance and risk exposure, working with procurement and legal teams as necessary. Compliance : Collaborating with procurement teams to drive adherence and enhance controls across the E2E Procurement lifecycle. Ensure compliance with relevant industry standards and regulatory requirements. Reporting and Data Visualization: Generate regular reports and dashboards for TPRM process and Supplier risk factors, compliance metrics, and key performance indicators for stakeholders and leadership. (Power BI, COUPA Analytics preferred) Collaboration: Work closely with Procurement, GBUs and Risk Domain Experts to integrate risk management practices into the supplier relationship lifecycle. Continuous Improvement: Identify opportunities for enhancing risk management processes, implementing best practices to drive positive outcomes. share resume to nedunuri.saikumar@manpower.co.in IT ISA CONTRACTUAL ROLE FOR 1 YEAR AND WILL BE RENEWED YEARLY

Step into a leadership role as a Controls Assurance Manager , driving risk and compliance strategies across the business. You will conduct control testing, oversee issue assurance, and collaborate with senior stakeholders to enhance governance and security frameworks. Location : Mumbai/Pune Your Future Employer: Join a global leader in enterprise security and technology, providing robust governance, risk, and compliance (GRC) solutions. Be part of a dynamic team that ensures regulatory excellence and operational resilience. Responsibilities: Performing control testing across Third Party Risk Management, Operational Resilience, Data & Privacy. Overseeing and supporting the Technology controls testing team. Supporting Issue Assurance processes and validating closure packs. Assisting management in remediating control gaps and implementing improvements. Building strong relationships with key stakeholders and senior leadership. Enhancing IT risk efficiency through innovative approaches. Requirements: Graduate in any discipline. 8+ years of experience in Technology and/or Security Risk Management. Strong knowledge of risk management frameworks and three lines of defense practices. Experience in Financial Services, IT Risk, and Operational Resilience. Certifications like CGEIT/CRISC would be an advantage. Whats in it for you: Opportunity to work with global stakeholders and industry leaders. A dynamic work environment with cutting-edge technology risk practices. Career growth in enterprise security and governance.

Job Description : Approve, within the given mandate, all tier 2-4 Vendor assessments. Advice Global TPCRM and Global DPO on tier 1 Vendor assessments. Collect and evaluate latest Vendor Assurance documents (ISO 27001 certificates and SOC2 statements, tier 1-2) and store them. Escalate high risks to Global TPCRM and Global DPO Launch relevant Vendor assessments (internal and external) Support business departments (Global and OPCOs) and Vendors filling in Vendor assessments Reports: Monthly reporting on Key Performance Indicators (KPI) Reports on Vendor risks, threats or findings Exp : 3+ years Expertise with Vendor Risk Management, GRC, and ISO 27001. Shift timing : 1.00 PM-10 PM IST Hybrid mode of work Location : Hyderabad Notice Period : Immediate- 30 days only.

Role & responsibilities Are you passionate about data, reporting, and stakeholder collaboration? We're looking for a results-driven professional with strong experience in KPI reporting using Power BI , excellent stakeholder coordination skills, and a solid background in IT processes . In this role, you will: Prepare and deliver high-impact meeting decks and committee materials Generate insightful KPIs using Power BI Collaborate with international teams (Paris/Central PMs, TPRM) Support DORA KPI/SLA reporting initiatives Experience working in an international and collaborative environment is a big plus! If you're a detail-oriented, communication-savvy team player who thrives in a dynamic environment, we want to hear from you

Job Title: Transversal TPRM Reporting Analyst Department: Global Banking IT Location: Chennai Experience Required: Minimum 5 years Position Purpose: We are seeking a highly analytical and detail-oriented TPRM Reporting Analyst to join the Global Banking IT Transversal Team. The role requires the preparation and analysis of reports and KPIs using Power BI, with coordination between onshore and offshore stakeholders, especially Paris/central project managers and the ISPL TPRM or Central TPRM teams. Key Responsibilities: Primary Responsibilities: Create and maintain meeting decks and reporting materials for internal committees and stakeholder updates. Build, update, and optimize KPI dashboards and reports using Power BI. Coordinate with Paris-based and central project teams to gather required data and insights. Work closely with ISPL/Central TPRM teams to ensure reporting alignment and accurate data delivery. Ensure all necessary stakeholders are aligned and prepared for committee meetings. Contributing Responsibilities: Provide support on DORA KPI/SLA topics in collaboration with project managers and functional leads. Contribute to the development of processes for performance monitoring and reporting. Technical Competencies: Proven experience and proficiency in Power BI and KPI dashboard creation. Strong skills in Microsoft Excel and PowerPoint for reporting and presentations. Working knowledge of IT processes and service management. Familiarity with SharePoint for collaboration and documentation. Behavioral Competencies: Excellent communication skills (both oral and written) with the ability to manage stakeholders across geographies. Strong attention to detail and organizational skills. Collaborative, customer-focused mindset with the ability to thrive in a team environment. Initiative-driven and capable of working independently in a fast-paced, global setting. Preferred Qualifications: Prior experience working in an international/global team environment. At least 2–3 years of experience in handling TPRM or risk reporting processes. Experience producing and managing statistical reports, performance indicators, and SLAs.

About The Role Experience - 15+ years Location - experience and exposure of implementing following ServiceNow applications/module/process ITSM ITOM (Discovery and CMDB CSDM model) Performance Analytics and Reporting Software Asset management GRC/IRM/TPRM/BCM SecOps (Security Incident and Vulnerability Management) Third Party B2B Integrations using REST and SOAP APIs MID Server Setup and Administration Service Graph Connectors for MS Intune and AWS Discovery ? AWS Event based discovery Platform upgrade and clone administration ServiceNow Mobile Applications Service Portal, , Dashboards and Reports Performance Analytics Flow designer ITSM Virtual Agent Service Graph Connectors for discovery of AWS and MS Intune ? Optimized ServiceNow implementation by analyzing business processes and recommending system enhancements. Streamlined service delivery with the development of custom applications and workflows within ServiceNow. Managed complex integrations between ServiceNow and third-party systems to improve data flow and automation capabilities. Provided ongoing support for implemented solutions, addressing issues promptly to maintain optimal system performance. Led cross-functional teams in the execution of strategic initiatives related to ServiceNow adoption across the organization. ? Assisted clients in defining clear project requirements, translating them into actionable plans for successful solution deployment. Contributed to process improvement efforts, identifying areas for optimization within existing service management procedures. Collaborate closely with stakeholders at all organizational levels to understand their needs and tailor solutions accordingly within the ServiceNow platform. ? Mandatory Skills: Servicenow-Development. Experience8-10 Years. Reinvent your world. We are building a modern Wipro. We are an end-to-end digital transformation partner with the boldest ambitions. To realize them, we need people inspired by reinvention. Of yourself, your career, and your skills. We want to see the constant evolution of our business and our industry. It has always been in our DNA - as the world around us changes, so do we. Join a business powered by purpose and a place that empowers you to design your own reinvention. Come to Wipro. Realize your ambitions. Applications from people with disabilities are explicitly welcome.

Tata Consulting Engineers Limited is looking for Business Support - Consultant - Technology Vertical to join our dynamic team and embark on a rewarding career journey Customer Assistance: Providing timely and helpful support to customers who reach out with inquiries, problems, or requests for assistance Issue Resolution: Diagnosing and troubleshooting technical issues, product malfunctions, or service disruptions, and offering solutions or workarounds Technical Expertise: Demonstrating a deep understanding of the products, services, or systems being supported, and staying updated on changes and updates Communication: Communicating with customers via various channels, such as phone, email, live chat, or in-person, in a professional and courteous manner Documentation: Recording customer interactions, including the nature of the issue and the steps taken to resolve it Product Knowledge: Maintaining a strong knowledge of the company's products, services, or systems to provide accurate and effective support Training and Education: Assisting customers in understanding and effectively using the products or services by providing guidance and training

About The Role : Job TitleInformation Security Analyst, AS LocationMumbai, India Role Description CRO DCO Resilience team Manages and Governs various risk types for Chief Risk Office (CRO) including but not limited to Information Security, Data Protection, Records Management, Business Continuity, Vendor / Third Party Risk Management (TPRM) The Resilience team in India is a part of CRO's Divisional Control Office (DCO) responsible for Governance on various risk types Information Security Analyst will be responsible for ensuring governance on information security and other risk types for various CRO Functions Information Security Analyst will support CRO DCOs efforts to identify, analyse and report the non-financial risks of the CRO Function, thereby ensuring that Group and Functional standards are consistently applied. The candidate is required to demonstrate very good understanding of risk management activities, paired with strong stakeholder management and Microsoft office skills. The role will have full exposure to all areas within CRO and requires working closely with a variety of stakeholders. The role has considerable scope for professional development across the Risk Management domain What we'll offer you As part of our flexible scheme, here are just some of the benefits that youll enjoy Best in class leave policy Gender neutral parental leaves 100% reimbursement under childcare assistance benefit (gender neutral) Sponsorship for Industry relevant certifications and education Employee Assistance Program for you and your family members Comprehensive Hospitalization Insurance for you and your dependents Accident and Term life Insurance Complementary Health screening for 35 yrs. and above Your key responsibilities As the Information Security & Technology Analyst your responsibilities will include (but not be limited to): Assume ISO ownership for assigned Risk applications Ensure execution of Information Security risk assessments and compliance evaluation Ensure implementation of controls for identified Information Security and Technology risks for designated business applications and functions Ensure implementation and maintenance of Identity and Access Management processes, as well as execution of periodical recertification of User Access Rights Ensure annual validation of key application documentation, including KOP and User access matrix for each assigned application and activities Provide timely updates to the DBISO and/or Risk Chief BISO regarding afore mentioned tasks Ensure accuracy of application entries regarding Information Security in the Group inventory of applications (NAR) Engage and create a positive network across external teams like Technology, respective functions, Chief BISOs, Risk type managers etc. Treatment of escalation questions regarding problems as well as assessments of potential violations of regulatory or internal guidelines regarding Information Security Cooperation in improving existing processes and workflows as well as independent implementation of new processes Regular attendance at scheduled meetings and telephone conferences, e.g., presentations of work results to senior decision-makers/workgroups, processing of meetings and telephone conferences (preparation of agendas, if needed, keeping the minutes) Management of urgent activities at short notice Management of enquiries from auditors and regulators Your skills and experience Core understanding of non-financial risk. Good understanding of risk management activities and internal control frameworks. Strong analytical skills to interpret and analyse data. The ability to successfully navigate a complex organisation, build strong relationships and work collaboratively with diverse stakeholders across the bank Very good Microsoft Office skills, particularly Excel and PowerPoint A sound knowledge of Information Security would be preferred along with Information Security Certifications / skills How we'll support you Training and development to help you excel in your career Coaching and support from experts in your team A culture of continuous learning to aid progression A range of flexible benefits that you can tailor to suit your needs