Job Description
Job Description
Job Title:
TPRM Manager – Cybersecurity & Technology Risk
Location:
Ahmedabad, India
Experience:
7+ Years
Department:
Technology Risk, Cybersecurity & TPRM Consulting
Reporting To:
Regional Partner / Director – Technology Risk & Cybersecurity
Notice Period:
Early joiners preferred
Role Overview
We are seeking a highly capable and self-driven
TPRM Manager
to establish and scale the
Third Party Risk Management
practice in
Ahmedabad . This is a leadership role in a growing geography, requiring independent ownership of client engagements, end-to-end vendor risk assessments, stakeholder management, and contribution to regional practice and revenue growth.
The ideal candidate will have strong expertise in
TPRM, IT Risk Management, and Information Security , with hands-on experience in vendor assessments, control evaluations, and regulatory compliance across BFSI and regulated industries.
Key Responsibilities
1. Client & Engagement Management
Independently lead
TPRM engagements
for clients across BFSI, Telecom, Manufacturing, Healthcare, and GCCs.
Act as the
single point of contact
for TPRM engagements in the Ahmedabad region.
Build trusted relationships with
CXOs, CISOs, Procurement Heads, Compliance, and Internal Audit leaders .
Plan, scope, and execute
third-party risk assessments
aligned with industry standards and regulatory expectations.
Review assessment reports, risk ratings, and remediation plans to ensure
quality, consistency, and timely delivery .
2. TPRM & Risk Assessment Delivery
Conduct
end-to-end vendor risk assessments , including inherent risk scoring and residual risk evaluation.
Assess third-party controls across:
Information Security & Cybersecurity
IT General Controls (ITGC)
Data Privacy & Regulatory Compliance
Business Continuity & Disaster Recovery (BCP/DR)
Cloud and Outsourced Service Providers
Perform
SOC 1 / SOC 2 report reviews , control gap analysis, and risk acceptance recommendations.
Evaluate compliance with frameworks and regulations such as
ISO 27001, NIST CSF, CIS Controls, RBI, SEBI, GDPR, and local data protection requirements .
Coordinate with specialist teams for
VAPT, cloud security, and privacy assessments
where required.
3. Stakeholder & Team Leadership
Collaborate with internal stakeholders including
partners, service line leaders, legal, compliance, and delivery teams
across regions.
Provide
technical guidance, mentoring, and quality reviews
for junior consultants and analysts.
Represent the Ahmedabad location in
regional TPRM capability-building initiatives and leadership forums .
4. Business Development & Market Growth
Identify and develop opportunities in
TPRM, vendor risk, and digital trust services .
Support
proposal development, RFP responses, and client presentations .
Participate in
industry forums, client workshops, and thought leadership initiatives
focused on third-party risk.
Contribute to regional revenue targets and help build a
local TPRM client portfolio .
Qualifications & Experience
Education:
B.E./B.Tech in Computer Science, IT, or related discipline (MBA preferred).
Experience:
7+ years of experience in
TPRM, IT Risk, Cybersecurity, or Technology Risk Consulting .
Hands-on experience in
vendor risk assessments, SOC report reviews, and regulatory compliance .
Proven ability to manage
end-to-end client engagements independently .
Exposure to business development and client acquisition is a strong advantage.
Certifications (Preferred)
CISA
CISM
ISO 27001 Lead Auditor
CRISC
Third Party Risk / Vendor Risk certifications
Data Privacy certifications (preferred)
Core Skills & Competencies
Strong understanding of
TPRM lifecycle , inherent risk scoring, due diligence, and continuous monitoring.
Working knowledge of
ISO 27001, NIST CSF, CIS Controls, COBIT, RBI & SEBI guidelines , and global regulatory expectations.
Ability to translate
vendor control gaps into business and regulatory risk .
Excellent communication, presentation, and stakeholder management skills.
