Talent.com
Third Party Risk Management

Third Party Risk Management

Tata Consultancy Servicesmalappuram, India
20 hours ago
Job description

Exp : 5 to 12 yrs

Job description

Role & responsibilities

  • Should be able to develop and manage a comprehensive third party risk management framework / program.
  • Should be able to drive regulatory compliance / remediation programs such as Digital Operational Resilience Act (DORA).
  • Should be independently able to manage third party due diligence including initial risk assessments and ongoing monitoring.
  • Contribute to governance and facilitate remediation recommendations of related risks, deficiencies, gaps or issues, advice with identifying compensating controls alternative where compliance requirements cannot be met.
  • Document and present overall residual risk to higher management for approvals and risk acceptances.
  • Interact with vendors, business, and multiple stakeholders to assess, explain and remediate the risks identified.
  • Ongoing monitoring activities such as performance monitoring, contractual compliance, SLA / KPI adherence, negative news monitoring etc.
  • Test design and operating effectiveness of TPRM controls, identify gaps and recommend improvements.
  • Support key reporting activities associated within key functions. Perform adhoc IT risk analysis and reporting.

Technical / Functional Skills

  • Relevant experience in TPRM (Program / Framework level)
  • Knowledge of Broader Operational Resilience / Tech Resilience Framework / Programs
  • Expertise in Third Party Risk Assessments
  • Expertise in cyber security including standards such as ISO27001, PCI-DSS, ISO 22301 etc.
  • Experienced in review of SSAE18, SOC 2, HITRUST, SIG and CAIQ reports.
  • Understanding of application and network security and should understand penetration testing and scan reports.
  • Knowledge of key TPRM regulations such as DORA, OSFI – B10, FCA FG 16 / 5, PRA SS2 / 21, FFIEC, EBA Guidelines etc.
  • Strong audit / control testing skills are desirable.
  • Certifications such as CTPRP, CTPRA, CRVPM, CRISC, CISA, CISSP are good to have.
    • Create a job alert for this search

    Risk Management • malappuram, India