Talent.com
This job offer is not available in your country.
Third Party Security Risk Analyst

Third Party Security Risk Analyst

ConfidentialBengaluru / Bangalore
12 days ago
Job description

Key Responsibilities :

  • Vendor Security Documentation Review
  • Evaluate third-party security artifacts including SOC 2 Type II reports, ISO / IEC 27001 certificates (with Statement of Applicability), vulnerability assessments and penetration testing (VAPT) results, and security policy documentation. Identify gaps or weaknesses in vendor controls and document potential risks for review.
  • Technical Capability Assessment
  • Analyze vendor capabilities related to identity and access management (SSO, MFA), data protection (encryption at rest / in transit, field-level encryption, masking), integration options (agents or SDKs / libraries, APIs, webhooks, file-based), and logging (support for SIEM integration, event types, delivery mechanisms). Validate alignment with Broadridge standards.
  • Stakeholder Communication and Guidance
  • Provide subject matter expertise to Business stakeholders evaluating third-party solutions. Help translate security findings into business terms, and support vendor communications to clarify expectations and request missing documentation or clarifications on security capabilities.
  • Continuous Improvement and Standardization
  • Help refine the interactions between BISG and TPRM and the security assessment process by contributing to standard checklists, risk scoring models, and onboarding workflows. Stay current on emerging third-party security risks and recommend enhancements to evaluation criteria over time.

Required Skills and Qualifications :

  • Bachelor s degree in computer science, information technology or a related field.
  • 5-8 years of experience in Information Security, with at least 3 years in vendor security reviews or third-party risk management.
  • Strong understanding of cloud service provider controls, SaaS architectures, and data protection strategies.
  • Familiarity with security and compliance frameworks such as SOC 2, ISO 27001, NIST SP 800-53, and CIS Controls.
  • Hands-on experience evaluating documentation such as SOC 2, VAPT reports, risk assessments, and policy / procedure artifacts.
  • Working knowledge of IAM principles (SSO, MFA), secure integration practices (API security, encryption), and log management (SIEM integrations).
  • Clear and concise written communication skills with the ability to summarize risk and control gaps effectively.
  • Ability to collaborate across multiple stakeholder groups and manage competing priorities.

    • Preferred Qualifications :

  • Experience working in a regulated industry (e. g. , financial services, healthcare, insurance).
  • Certifications such as CCSK, CISA, CRISC, or Certified Third Party Risk Professional (CTPRP), Certified Third Party Risk Assessor (CTPRA), or Certified Third Party Risk Management Professional (C3PRMP).
  • Familiarity with third-party risk tools and platforms (e. g. , ProcessUnity, Archer) is a plus.

    • Skills Required

    Penetration Testing, System Analysis, Saas, Information Security, Soc, System Security

    Create a job alert for this search

    Risk Analyst • Bengaluru / Bangalore

    Related jobs
    • Promoted
    ColorTokens - L3 Senior Security Analyst

    ColorTokens - L3 Senior Security Analyst

    ColortokensBangalore
    Job Title : Senior Security Analyst L3 Location : Bangalore (on site) Experience Level : 5 to 8 years<...Show moreLast updated: 30+ days ago
    • Promoted
    Security & Compliance Analyst

    Security & Compliance Analyst

    ConfidentialBengaluru / Bangalore, India
    Audit & Compliance Management : .Lead SOC2, ISO 27001, AI Risk Assessment, and other audits end-to-end.Act as the single POC for the global audit team, handling documentation, evidence collection, an...Show moreLast updated: 9 days ago
    • Promoted
    Security and Compliance Analyst

    Security and Compliance Analyst

    Anumanabangalore, karnataka, in
    Position : Security and Compliance Analyst.Work Mode : Hybrid (3 days in the office, 2 days remote).Anumana is seeking a detail-oriented and proactive Security and Compliance Analyst to ensure our or...Show moreLast updated: 7 days ago
    • Promoted
    INFOLOB Global - Security Compliance Analyst II

    INFOLOB Global - Security Compliance Analyst II

    INFOLOB SOLUTIONS INDIA PRIVATE LIMITEDBangalore
    Job Description : At Infoblox, every breakthrough begins with a bold what if.What if your ideas could ignite global innovation?. What if your curiosity could redefine...Show moreLast updated: 6 days ago
    • Promoted
    NetAnalytiks - EDR Security Analyst - Sentinel / Crowdstrike

    NetAnalytiks - EDR Security Analyst - Sentinel / Crowdstrike

    NETANALYTIKS TECHNOLOGIES LIMITEDBangalore
    Job Overview : We are looking for an experienced EDR Security Analyst to strengthen our cybersecurity operations team.The ideal candidate will have hands-on expertis...Show moreLast updated: 11 days ago
    • Promoted
    Application Security Analyst - Vulnerability Management

    Application Security Analyst - Vulnerability Management

    Sampoorna Consultants Pvt. LtdBangalore
    Key Responsibilities : - Support vulnerability assessments using SAST, DAST, and SCA tools.Collaborate with DevOps, Vulnerability Management teams,...Show moreLast updated: 30+ days ago
    • Promoted
    Smarsh - Lead Security Operations Analyst

    Smarsh - Lead Security Operations Analyst

    SmarshBangalore
    Company Description : Smarsh is the leader in Communications Compliance, Archiving, and Analytics.We provide compliance across the broades...Show moreLast updated: 30+ days ago
    • Promoted
    • New!
    Third Party Risk Management - Cyber Security (Pune, Bangalore, Gurgaon)

    Third Party Risk Management - Cyber Security (Pune, Bangalore, Gurgaon)

    DigiHelic Solutions Pvt. Ltd.Bangalore, IN
    Lead the end-to-end third-party risk assessment process including initial due diligence, onboarding, and periodic reviews. Collaborate and lead discussions with various departments from client’s tea...Show moreLast updated: 3 hours ago
    • Promoted
    Risk Analyst

    Risk Analyst

    RecroBengaluru, Karnataka, India
    End-to end implementation of ISO 27001 risk management framework.Demonstrated ISO 27001 or other standard audit framework skillset in several information security domains Mandatory.Experience condu...Show moreLast updated: 26 days ago
    • Promoted
    Cyber Security Analyst

    Cyber Security Analyst

    Digivance SolutionBangalore
    Job Title : Cyber Security : : 1-3 Years Key Responsibilities : < / ...Show moreLast updated: 20 days ago
    • Promoted
    Cyderes - Senior Security Analyst - SIEM

    Cyderes - Senior Security Analyst - SIEM

    CyderesBangalore
    Cyderes (Cyber Defense and Response) is a pure-play, full life-cycle cybersecurity services provider with award-winning managed security services, identity and access management, and professional s...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst

    Security Analyst

    Tata Consultancy ServicesBengaluru, Karnataka, India
    Experience range : 6 to 8 years.Location : Bengaluru, Hyderabad, Chennai, Pune, Kolkata.Provide BAU support for secrets management applications like. Collaborate with various internal and external st...Show moreLast updated: 6 days ago
    • Promoted
    Greenway Health - GRC Security Analyst

    Greenway Health - GRC Security Analyst

    GREENWAY HEALTH INDIA PRIVATE LIMITEDBangalore
    The GRC Security Analyst will plan and implement policies, procedures, standards, and controls to govern the protection of corporate information systems, networks, and data.The GRC securi...Show moreLast updated: 30+ days ago
    • Promoted
    Oracle Cloud ERP Senior Analyst (Security and Risk Management)

    Oracle Cloud ERP Senior Analyst (Security and Risk Management)

    Sikich IndiaBengaluru, Karnataka, India
    Sikich is seeking an Oracle Cloud ERP Senior Analyst (Security and Risk Management) with 5+ years of related experience in Oracle Cloud or any other Tier 1 ERP application.About the firm Sikich ...Show moreLast updated: 30+ days ago
    • Promoted
    Security Analyst

    Security Analyst

    Total CollectR Virtual Collector & Debt NegotiatorHosur, Tamil Nadu, India
    Total CollectR , a product of Total AI Systems , is a cutting-edge SaaS platform that helps businesses manage past-due debt collection accounts. We create better consumer experiences, help our cust...Show moreLast updated: 4 days ago
    • Promoted
    Security Analyst

    Security Analyst

    ConfidentialBengaluru / Bangalore, India
    You are someone who thrives in a high-performance environment, bringing a growth mindset and entrepreneurial spirit to tackle meaningful challenges that have a real impact.In return for your drive,...Show moreLast updated: 30+ days ago
    • Promoted
    Security Technology Lifecycle Analyst

    Security Technology Lifecycle Analyst

    HR PLACEMENT CONSULTANTS (HRPC)Bangalore Rural, Karnataka, India
    Position - Analyst - Security Technology Lifecycle Analyst.Job Type - Full-time (Third party payroll •).The Security Technology Lifecycle Analyst plays a critical role in supporting the Corporate Se...Show moreLast updated: 20 days ago
    • Promoted
    Cyber Security - Third Party Cyber Risk Analyst - BA

    Cyber Security - Third Party Cyber Risk Analyst - BA

    ComputacenterBengaluru, Karnataka, India
    Operates the Third-Party Cyber Risk Management framework to ensure.Operate the Third-Party Cyber Risk Management Framework (~ 90%). Third-Party Risk Management framework : operate processes and proce...Show moreLast updated: 7 days ago