TPRM Manager

Job Description

Position: Third Party Risk Management (TPRM) Manager Location: Mumbai Reports to: CISO Key Responsibilities: Due Diligence Risk Assessment: Perform thorough due diligence on third party vendors, evaluating operational, security, compliance, and financial risks. Vendor Monitoring Reporting: Continuously assess and monitor third party risks, security postures, and contract compliance. Report risk status to senior management. Risk Mitigation Incident Management: Implement risk mitigation strategies and lead incident management for third party breaches or failures. Cross Department Collaboration: Work with procurement, legal, IT, and other business units to ensure third party contracts and security align with risk management strategies. Technical Skills Tools: Risk Management Tools: Experience with RSA Archer, MetricStream, or LogicManager for risk assessments, vendor scoring, and compliance tracking. Security Monitoring: Proficiency in SIEM tools like Splunk, IBM QRadar, and ArcSight for detecting, analyzing, and managing third party security events. Vulnerability Management: Hands on experience with Tenable.io, Qualys, or Rapid7 Nexpose for vulnerability scanning and management. Third Party Management Platforms: Familiarity with OneTrust, ProcessUnity, or Prevalent for ongoing third party risk assessments and monitoring. Incident Response: Experience using tools like ServiceNow or PagerDuty for handling third party security incidents and coordinating remediation actions. IAM Tools: Working knowledge of Okta, CyberArk for ensuring secure vendor access to bank systems. Qualifications: Education: Bachelors degree ISO/IEC 27001 Lead Implementer PCI DSS Certified Information Systems Auditor (CISA) Strong analytical skills with the ability to assess and mitigate complex third party risks. Excellent communication and stakeholder management skills. Ability to navigate regulatory environments and ensure compliance with third party risk policies. Ability to drive strategic risk management initiatives while handling day to day operational challenges.