Third Party Risk Assessment
Full Time
Bengaluru, Chennai
Posted 2 months ago
- Primary mandatory skills required: Third Party Risk Assessment, NIST Framework, ISO 27001, IT Audit/Audit Management.
- Secondary mandatory skills required: OneTrust, BCP/DR
- Job location: flexible, but Chennai or Bengaluru preferred
- Detailed job description:
- Build and foster a strong rapport and relationship across the enterprise to collaborate with key stakeholders including Procurement, Legal, Physical and Cybersecurity, Compliance, Privacy, Technology, and other business functions to identify, assess and design plans to mitigate and monitor risks associated with third parties
- Support TPRM Program & platform development and ongoing maturation through updating standards, procedures, processes, internal controls, etc.
- Generate and implement quality assurance standards, conduct vendor assessments, monitor program output (data, deliverables, etc.), and identify opportunities for improvement
- Ensure required risk management activities and control weaknesses are identified prior to contract execution with the third-party provider, or that appropriate risk acceptance is documented and approved in the third-party risk platform
- Monitor and evaluate the ongoing performance of third-party vendors in alignment with internal strategies, industry best practices, standard security frameworks, and regulatory guidance
- Evaluate third party maturity using ISO, the Cybersecurity Maturity Model Certification, NIST, GDPR and other industry framework standards and best practices
- Gather a full inventory of third parties, work on remediation, and participate in the change management process and data clean-up in the third-party platform and other systems
- Conduct training on the third-party platform for team members as needed, to drive standardization and consistency of Program execution
- Complete research and analysis as needed to close Program gaps.
- Create and deliver presentations on status updates of TPRM program/platform, ensuring transparency and accountability at all levels of the organization
- Risk management culture: Supports the company’s commitment to risk management and protecting the integrity and confidentiality of systems and data
- Client round – Yes
Keywords: Governance & Compliance – CCPA, Governance & Compliance – GDPR, Governance & Compliance – PCI DSS, Audit Management, ISO 27001, SOX IT 404
Job Features
Job Category: IT
Experience: 6 to 8 years