Talent.com
Manager, Information Risk & Security

Cubical Operations LLP, Bengaluru, Republic Of India, IN
1 day ago
Job description

Job Title : Manager – Third Party Risk Management (TPRM)

Location : Bangalore

Experience : 6+ Years

Department : Information Risk Management / Information Security

About the Role :

We are seeking an experienced TPRM Manager to lead and enhance our Third-Party Risk Management framework. The ideal candidate will have a strong background in Information Risk Management (IRM), Information Security (InfoSec), and vendor risk assessment, with the ability to evaluate and mitigate risks associated with third-party engagements across business functions.

Key Responsibilities :

  • Lead end-to-end Third Party Risk Management lifecycle including onboarding, due diligence, assessment, monitoring, and offboarding.
  • Perform detailed risk assessments of vendors based on defined risk criteria — including Information Security, Privacy, and Regulatory requirements.
  • Collaborate with internal stakeholders (Procurement, Legal, Compliance, IT Security) to ensure adherence to enterprise risk standards.
  • Identify and assess information security and operational risks associated with third parties and recommend appropriate mitigation actions.
  • Develop and maintain the TPRM framework, policies, and risk assessment methodologies in line with industry best practices (ISO 27001, NIST, etc.).
  • Review vendor SOC reports, ISO certifications, penetration test results, and other assurance documents to validate control effectiveness.
  • Track, monitor, and report on vendor risks, remediation progress, and performance metrics to senior management.
  • Support internal and external audits related to TPRM, IRM, and InfoSec programs.
  • Drive continuous improvement initiatives in the TPRM process using automation and data analytics where possible.

Required Skills & Experience :

  • 6+ years of experience in Third Party Risk Management, Information Risk Management, or Information Security.
  • Strong understanding of risk assessment frameworks (ISO 27001, NIST, COBIT, CSA, etc.).
  • Hands-on experience in conducting vendor security assessments, control testing, and remediation follow-ups.
  • Working knowledge of data protection, cybersecurity principles, and compliance standards (GDPR, RBI, SEBI, etc.).
  • Excellent analytical, communication, and stakeholder management skills.
  • Experience in using TPRM tools or GRC platforms is an advantage (e.g., Archer, ServiceNow, OneTrust, MetricStream).

Preferred Certifications :

  • ISO 27001 Lead Auditor / Implementer
  • CISA / CISM / CRISC / CISSP (preferred)
  • Any Third-Party Risk or Vendor Risk certification will be an added advantage

Key Attributes :

  • Strong problem-solving and decision-making skills
  • Ability to work independently and in cross-functional teams
  • Excellent stakeholder and vendor management capability
  • Attention to detail with a focus on compliance and risk mitigation