Recrosoft Technologies
Risk Manager/Third-Party Risk Management Specialist (4-8 yrs)
posted 6d ago
Flexible timing
Job Description: Third-Party Risk Management (TPRM) Specialist
Location: Mumbai (Goregaon)
Experience: 4 to 8 years
Employment Type: Full-Time
About the Role
We are seeking a highly skilled and experienced Third-Party Risk Management (TPRM) Specialist to join our team. The ideal candidate will have a strong background in assurance, information security, and vendor/supplier/third-party risk assessment. This role requires expertise in cybersecurity standards, technical domains, and emerging technologies, along with exposure to TPRM-specific regulations and tools. The candidate will play a critical role in assessing and mitigating risks associated with third-party engagements while ensuring compliance with global regulations and industry standards.
Key Responsibilities:
- Conduct comprehensive risk assessments of third-party vendors, suppliers, and partners, including risk profiling and country risk assessments.
- Evaluate third-party compliance with cybersecurity standards such as ISO27001, PCI-DSS, ISO22301, and privacy regulations.
- Assess technical domains including network security, cloud security, application security, and control testing.
- Analyze risks associated with emerging technologies such as robotics, IoT, DLT, Social, and Mobile platforms.
- Ensure adherence to TPRM-specific regulations (e.g., FED, MAS, OCC) and outsourcing/technology regulations.
- Work with TPRM tools and platforms such as KY3P, TruSight, ServiceNow, OneTrust, CyberGRX, and Coupa.
- Perform IT compliance audits, ITGC testing, and assurance activities, leveraging strong auditing skills.
- Collaborate with cross-functional teams to identify, assess, and mitigate third-party risks.
- Prepare detailed reports and documentation for risk assessments, audits, and compliance reviews.
- Travel within India or abroad as required for projects and assignments.
Qualifications:
- Bachelor's degree in Computer Science, Information Technology, or a related field.
- 4 to 8 years of experience in assurance, information security, vendor/supplier/third-party risk assessment, or related fields.
- Expertise in cybersecurity standards such as ISO27001, PCI-DSS, ISO22301, and privacy regulations.
- Knowledge of technical domains like network security, cloud security, and application security.
- Familiarity with TPRM-specific regulations (FED, MAS, OCC) and experience assessing third parties such as brokers, exchanges, etc.
- Hands-on experience with TPRM tools and platforms like KY3P, TruSight, ServiceNow, OneTrust, CyberGRX, and Coupa.
- Strong auditing skills, with experience in IT compliance, ITGC testing, and assurance.
- Prior experience in IT Audit, SOC 1, and SOC 2 is a plus.
- Relevant certifications such as CISA, CISSP, CISM, ISO27001 LA/LI, or Cloud Security certifications are highly desirable.
- Excellent problem-solving, logical reasoning, and analytical skills.
- Strong written and verbal communication skills, with the ability to collaborate effectively in team environments.
- Willingness to travel as needed for projects and assignments.
- Demonstrated integrity, values, principles, and work ethic, with the ability to lead by example.
Functional Areas: Other