Security Architect
Gurugram
Job No. atci-5373862-s1960971
Full-time
工作描述
Project Role : Security Architect
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Third Party IT Risk Management
Good to have skills : Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
Seeking an experienced Third-Party Risk Management (TPRM) Professional to lead and support the design, implementation, and maintenance of robust vendor risk management frameworks. This role ensures that third-party engagements comply with industry standards and regulations such as ISO/IEC 27001, PCI DSS, NIST CSF, SOC 2, GDPR, and others. The candidate will work cross-functionally to manage vendor risk assessments, oversee audits, and drive continuous improvement in third-party risk posture. A typical day involves building and running TPRM programs, solutioning complex vendor risk scenarios, and collaborating with internal teams to ensure compliance requirements are met. The role also includes developing scalable strategies for TPRM operations and leveraging automation tools for efficiency.
Roles & Responsibilities:
Roles & Responsibilities:
Collaborate with stakeholders to define third-party risk management needs and priorities.
Build, Run, and Solution TPRM Deals: Design and implement TPRM frameworks and processes, execute vendor risk assessments and ongoing monitoring, and provide strategic solutions including automation and scaling strategies for complex third-party risk scenarios.
Conduct detailed due diligence on vendors, including questionnaires, evidence reviews, and risk rating.
Perform independently as an SME or manage a team of TPRM professionals.
Actively participate and contribute to client discussions.
Provide solutions for complex compliance-related situations.
Prepare reports, dashboards, and metrics for leadership on vendor risk status.
Collaborate with cross-functional teams to identify and mitigate potential third-party risks.
Professional & Technical Skills:
Proficient in Third-Party Risk Management (TPRM) and vendor risk assessment methodologies.
Strong understanding of compliance frameworks such as ISO 27001, PCI DSS, NIST, SOC 2, GDPR, and others.
Ability to lead and manage TPRM initiatives across the organization.
Experience in conducting gap assessments and implementing controls aligned with compliance standards.
Exposure to TPRM tools and platforms (e.g., Archer, ServiceNow, OneTrust).
Develop and maintain TPRM policies, procedures, and documentation in line with regulatory needs.
Educate teams on vendor risk requirements and drive a culture of risk awareness.
Relevant certifications: ISO 27001 LA/LI, CISA, CISM, CRISC, or equivalent.
Additional Information:
- The candidate should have minimum 12 years of experience in Third Party IT Risk Management.
- This position is based at our Gurugram office.
- A 15 years full time education is required.
Project Role Description : Define the cloud security framework and architecture, ensuring it meets the business requirements and performance goals. Document the implementation of the cloud security controls and transition to cloud security-managed operations.
Must have skills : Third Party IT Risk Management
Good to have skills : Security Architecture Design
Minimum 12 year(s) of experience is required
Educational Qualification : 15 years full time education
Summary:
Seeking an experienced Third-Party Risk Management (TPRM) Professional to lead and support the design, implementation, and maintenance of robust vendor risk management frameworks. This role ensures that third-party engagements comply with industry standards and regulations such as ISO/IEC 27001, PCI DSS, NIST CSF, SOC 2, GDPR, and others. The candidate will work cross-functionally to manage vendor risk assessments, oversee audits, and drive continuous improvement in third-party risk posture. A typical day involves building and running TPRM programs, solutioning complex vendor risk scenarios, and collaborating with internal teams to ensure compliance requirements are met. The role also includes developing scalable strategies for TPRM operations and leveraging automation tools for efficiency.
Roles & Responsibilities:
Roles & Responsibilities:
Collaborate with stakeholders to define third-party risk management needs and priorities.
Build, Run, and Solution TPRM Deals: Design and implement TPRM frameworks and processes, execute vendor risk assessments and ongoing monitoring, and provide strategic solutions including automation and scaling strategies for complex third-party risk scenarios.
Conduct detailed due diligence on vendors, including questionnaires, evidence reviews, and risk rating.
Perform independently as an SME or manage a team of TPRM professionals.
Actively participate and contribute to client discussions.
Provide solutions for complex compliance-related situations.
Prepare reports, dashboards, and metrics for leadership on vendor risk status.
Collaborate with cross-functional teams to identify and mitigate potential third-party risks.
Professional & Technical Skills:
Proficient in Third-Party Risk Management (TPRM) and vendor risk assessment methodologies.
Strong understanding of compliance frameworks such as ISO 27001, PCI DSS, NIST, SOC 2, GDPR, and others.
Ability to lead and manage TPRM initiatives across the organization.
Experience in conducting gap assessments and implementing controls aligned with compliance standards.
Exposure to TPRM tools and platforms (e.g., Archer, ServiceNow, OneTrust).
Develop and maintain TPRM policies, procedures, and documentation in line with regulatory needs.
Educate teams on vendor risk requirements and drive a culture of risk awareness.
Relevant certifications: ISO 27001 LA/LI, CISA, CISM, CRISC, or equivalent.
Additional Information:
- The candidate should have minimum 12 years of experience in Third Party IT Risk Management.
- This position is based at our Gurugram office.
- A 15 years full time education is required.
职位要求
15 years full time education
