Analysis Skills, Authentication, Best Practices, Brokerage, Case Management, Communication Skills, Cryptography, Due Diligence, Information Technology/Systems Audit, Information/Data Security (InfoSec), Internet Security, Performance Management, Problem Solving Skills, Risk Analysis, Risk Management, Security Analysis, Security Auditing, Service Level Agreement (SLA), Supplier Relationship Management (SRM), Technical Leadership, Use Cases, Vendor/Supplier Relations
Job Description
Must Have Technical/Functional Skills
GRC - IT Technology Risk management, Info Security, Audit, Controls, Third Party Risk assessment
Roles & Responsibilities
IT Technology Risk management as core experience. Optimization of the Third-Party Risk Management (TPRM) process to meet organization goals and standards for customer Brokerage
- Review vendor intake forms and use cases to ensure the appropriate tier is assigned to drive security assessments.
- Complete inherent risk/categorization of all newly submitted third parties/vendors.
- Lead security assessments for all third-party/service providers.
- Review vendor security questionnaires (SIG) and supporting evidence to evaluate vendor security posture.
- Work with the vendor relationship manager to resolve vendor-related issues, especially with non-responsive vendors.
Comprehensive understanding of IT auditing.
Due diligence on vendor/third-party risk assessments with respect to Information Security. Strong communication skills, with experience holding iterative conversations with the key parties responsible for third-party services (e.g., BU, IT, and Vendor).
Security reviews against industry best practice/cybersecurity frameworks (including but not limited to Data Sensitivity classification, Financial Stability, encryption at rest / in transit, Key Management, Authentication, Authorization, Audit/logging)
Assist and contribute to senior management and governance forum transparency. Directly contribute to the closure of a pre-determined number of reviews each month, while managing a maximum caseload of an agreed number of active cases at one time.
Continuous performance improvements by keeping the entire caseload under an agreed aging SLA.
Cybersecurity Certification is a plus.