TPRM Manager / Senior Manager - Cyber

Job Description

Job Title: TPRM Manager Location: Bangalore and Delhi (Work From Office) Experience: 6+ Years Employment Type: Full-Time Job Summary: We are seeking an experienced and proactive Third Party Risk Management (TPRM) Manager to join our growing risk and compliance team. The ideal candidate will be responsible for managing the end-to-end third-party risk lifecycle, driving compliance with regulatory and organizational standards, and collaborating with cross-functional teams to ensure robust information security and risk management practices. Key Responsibilities: Lead and manage third-party risk assessments across vendors, service providers, and partners. Evaluate vendor controls around cybersecurity, data privacy, compliance, and operational risk. Collaborate with procurement, legal, IT security, and business teams to ensure third-party risks are identified, assessed, monitored, and mitigated effectively. Ensure compliance with ISO 27001, regulatory requirements, and internal GRC frameworks. Develop and maintain TPRM documentation, policies, processes, and metrics. Work closely with audit and compliance teams for periodic reviews, internal audits, and external regulatory audits. Monitor vendor performance and maintain an updated risk register. Conduct control testing, review vendor SOC reports, and track remediation plans for non-compliance or control gaps. Provide training and awareness sessions on third-party risk, GRC, and IT security standards to stakeholders. Required Skills and Experience: Minimum 6 years of hands-on experience in Third Party Risk Management (TPRM) . Strong knowledge of GRC frameworks , ISO 27001 , IT Audit , and Network Security . Experience with cloud security and assessing cloud-based vendors (AWS, Azure, GCP). Familiarity with regulatory frameworks such as GDPR, RBI, SEBI, etc. Experience in risk assessment methodologies, control frameworks (NIST, COBIT), and issue tracking/remediation processes. Strong stakeholder management, analytical thinking, and problem-solving skills. Excellent communication, documentation, and presentation skills. Preferred Qualifications: Bachelor's degree in Information Security, Computer Science, or a related field. Certifications such as CISA , CRISC , ISO 27001 Lead Auditor/Implementer , CISSP , or similar are a plus. Prior experience working in BFSI, IT/ITES, or consulting firms will be advantageous. Immediate joiners preferred.