Third-party Risk Management

a month ago

Expires on12 Dec 2025

Kanpur, Republic Of India, India

Job description & requirements

Position: . Manager – Information Security (Third-Party Risk Management)

Experience: 15–20 Years

Work Mode: Remote

Educational Qualifications / Certifications

  • Bachelor’s degree in Computer Science, Engineering, or a related field (or equivalent work experience).
  • Professional certifications preferred: CISA, CRISC, CISM, or CISSP (one or more).
  • Strong verbal and written communication skills.
  • Excellent organizational skills with a self-motivated learning mindset.
  • Proven hands-on experience in building and implementing Information Security Third-Party Risk Management programs.

Roles and Responsibilities

  • Enhance and mature the Information Security Third-Party Risk Management (TPRM) framework, including developing and defining risk appetite.
  • Develop and implement effective strategies to manage and mitigate risks associated with high-risk suppliers.
  • Oversee and perform security risk assessments , business impact analyses , and security control evaluations across third-party vendors using OneTrust .
  • Maintain a comprehensive risk register within OneTrust to track and monitor identified risks.
  • Provide oversight for supply chain security assessment remediation , and facilitate the creation of CUECs to define shared responsibility models.
  • Review and advise on client MSA security terms and conditions , partnering with the legal team.
  • Ensure compliance with firm-wide information security policies and regulatory requirements .
  • Collaborate with stakeholders across lines of defense to review and refine assessment results.
  • Establish and maintain robust risk reporting and escalation processes .
  • Stay updated on emerging threats , best practices, and relevant security legislation.
  • Partner effectively with internal and external stakeholders to address security concerns impacting the business.
  • Contribute to developing scalable tools and models that enhance decision-making efficiency and accuracy.
  • Gather feedback from stakeholders to improve and evangelize the third-party risk management program.
  • Prepare concise and meaningful risk assessment reports and dashboards for leadership.
  • Lead the creation and presentation of deep-dive reports and responses for senior executives .

Key Skills

  • Third-Party Risk Management (TPRM)
  • Information Security Governance
  • OneTrust Platform
  • Vendor Risk Assessment
  • Regulatory Compliance & Policy Enforcement
  • Risk Reporting & Mitigation
  • Strong Stakeholder Management


Apply on

Job domain/function :

Educational qualifications :

Location :

Kanpur, Republic Of India, India

Create alert for similar jobs

Company profile

similarJobs