Associate Manager - Third Party Risk Management

Pune, Maharashtra
Permanent
Full-time

1 month ago

We never ask for any kind of payment as part of our selection process, and we always contact candidates via our corporate accounts and platforms. If you are approached for payment or asked to make a purchase, this is likely to be fraudulent. Please check to see whether the role you are interested in is posted here, on our website.About TMF GroupTMF Group is a leading provider of administrative services, helping clients invest and operate safely around the world. As a global company with 11,000+ colleagues based in over 125 offices across 87 jurisdictions, we actively seek out people with the talent and potential to flourish at TMF Group, whatever their background, and offer job opportunities to the broadest spectrum of people. Once on board, we nurture and promote talented individuals, ensuring that senior positions are open to all.Discover the RoleThe Assistant Manager, Third Party Risk Management, is primarily responsible for developing and managing a third-party risk management process that tracks third-party risks. Work directly with the Manager - Third Party Risk Management and the CISO/CSRO Office team to define issues and information needs and translate them into implementable technical enhancements to the TPRM Program. Deliver reporting for the Overall TPRM Program.Employ the analytics features to compile and synthesize data to make grounded recommendations to assess and protect against risk exposure to guide decision making to advise the business with respect to TPRM.Champion and execute updates to the existing reporting and technology framework to reduce risk and enhance efficiency. Oversee and make recommendations about additional add-on features. Assess the Information Security posture of third parties (Sub-contractors and vendors), including their IT applications in the scope of the service provided to TMF, at the time of contracting their service and periodically thereafter.The resource is also responsible for assessing information security risks from third parties and specifying appropriate technical and organizational controls to address the risks to be formally included in the contract with the third parties. The incumbent will check the compliance of the third parties to the specified security requirements on an annual basis / or as and when required by conducting reassessments/audits.Key Responsibilities

Review and maintain Third Party Risk Assessment procedure and assessment questionnaire.
Review third party responses and ensure required controls are in place. Identify gaps and raise them with sponsors for resolution
Identify technical and organisational measures / security controls that need to be included in the contract with the third party.
Maintain an inventory of onboarded third parties, along with key contact personnel, and rate them based on access level / risk level / criticality level
Conduct periodic (annual) reassessments to verify / validate the security posture of the vendor and compliance to the agreed security controls
Share details of vulnerabilities that may affect the applications provided by the vendor and check if the vulnerabilities are remediated in a timely manner.

Key RequirementsThe Candidate needs to possess strong technical and soft skills, as highlighted below:

The ideal candidate should have a Computer Science Education - Bachelor's or master's degree
The candidate should have 5- 8 years of relevant work experience in Information Security, with third party risk management as a primary responsibility.
ISO 27001 /ISMS Standard.
ISO 31000 Standard / risk assessment
Knowledge of security frameworks like NIST Cyber Security Framework and regulations such as GDPR, DORA etc. would be an added advantage
Understanding of security in relation to compliance with local legislations and regulations
Excellent interpersonal skills. Ability to connect with and communicate appropriately across junior to senior-level staff
Excellent written and spoken skills in English. Knowledge of Spanish, Portuguese or any other foreign language would be an added advantage

General Skills Requirement

Attention to detail
Good understanding of the business
Ability to work with minimum supervision
Ability to work under stress
Sense of responsibility

What's in it for you?Pathways for career development

Work with colleagues and clients around the world on interesting and challenging work;
We provide internal career opportunities so you can take your career further within TMF;
Continuous development is supported through global learning opportunities from the TMF Business Academy.

Making an impact

You'll be helping us to make the world a simpler place to do business for our clients;
Through our corporate social responsibility programme, you'll also be making a difference in the communities where we work.

A supportive environment

Strong feedback culture to help build an engaging workplace;
Our inclusive work environment allows you to work from our offices around the world, as well as from home, helping you find the right work-life balance to perform at your best.

Other Benefits

Anniversary & Birthday Leave policy
Be part of One TMF
Paternity & Adoption leaves
Salary advance policy
Work flexibility - Hybrid work model
Talk about growth opportunities (we invest in talent)
Well-being initiatives

We're looking forward to getting to know you!

TMF Group

Apply Now