Talent.com
Third Party Risk Management (TPRM) Analyst

Silicon Comnet Pvt Ltd, Nashik, Maharashtra, IN
15 hours ago
Job description

L1 – Third Party Risk Management (TPRM) Analyst

Location : Client site, Gurugram Office

Work mode : Work from office

Budget : 7 LPA

Key Responsibilities :

  • Assist in executing third-party / vendor risk assessments as per defined procedures and checklists.
  • Review and validate vendor responses to security and compliance questionnaires (e.g., SIG, CAIQ, ISO 27001).
  • Collect, track, and organize due diligence evidence (policies, certifications, SOC 2 reports, etc.) from vendors.
  • Identify and document potential security or compliance gaps for review by L2 / L3 analysts.
  • Maintain and update the vendor risk register and assessment tracker.
  • Support the remediation follow-up process with vendors and internal stakeholders.
  • Participate in periodic reviews of critical vendors as per risk tiering.
  • Support the preparation of dashboards, reports, and audit documentation for management and clients.
  • Coordinate with internal cybersecurity, legal, and procurement teams for vendor onboarding and compliance validation.

Required Skills & Qualifications :

  • Bachelor’s degree in Computer Science, Information Technology, or Cybersecurity (or equivalent).
  • 1–2 years of experience in cybersecurity governance, risk management, or audit.
  • Basic understanding of information security concepts (ISO 27001, NIST CSF, SOC 2, GDPR, etc.).
  • Familiarity with third-party risk management or vendor due diligence processes preferred.
  • Strong communication, documentation, and analytical skills.
  • Attention to detail and ability to follow structured processes and workflows.
Good-to-Have :

  • Exposure to GRC or TPRM tools (e.g., Archer, OneTrust, ServiceNow VRM, ProcessUnity, MetricStream).
  • Knowledge of risk assessment methodologies and control frameworks (CIS, NIST, ISO).
  • Basic cybersecurity certification (e.g., CompTIA Security+, ISO 27001 Foundation, or CSA STAR) will be an added advantage.

Kirti Rustagi

kirti.rustagi@raspl.com
