More jobs:
Job Description & How to Apply Below
Job Title
Associate Director / Director – Third Party Risk Management (TPRM) & Data Privacy
Location
Mumbai
Experience
10+ Years (Relevant TPRM / GRC Experience)
Role Overview
We are seeking a seasoned Associate Director – TPRM to lead and scale third-party risk management engagements for large enterprise and Global Capability Center (GCC) clients. The role requires strong leadership, deep risk and compliance expertise, and proven experience managing complex, multi-stakeholder programs. Candidates from Big4 or leading consulting firms will be preferred.
Key Responsibilities
TPRM & Risk Leadership
Lead end-to-end Third-Party Risk Management programs across onboarding, due diligence, continuous monitoring, and offboarding.
Design and implement TPRM frameworks aligned with global standards and regulatory expectations.
Oversee vendor risk assessments covering information security, cyber risk, data privacy, operational resilience, and regulatory compliance.
GCC & Global Engagements
Manage and deliver large-scale GCC projects , supporting global clients across regions (US, EMEA, APAC).
Act as the primary point of contact for global stakeholders, risk committees, and senior leadership.
Ensure alignment of India-based delivery with global governance, policies, and reporting standards.
Governance, Compliance & Assurance
Drive risk assessments aligned with ISO 27001, ISMS, SOC, data privacy regulations, and enterprise risk frameworks.
Review and challenge third-party controls, remediation plans, and risk acceptances.
Support internal and external audits related to vendor risk and regulatory reviews.
Stakeholder & Team Management
Build and manage high-performing TPRM teams, including managers and consultants.
Mentor team members and ensure quality, consistency, and timeliness of deliverables.
Engage with CXOs, CISOs, CROs, procurement heads, and compliance teams.
Strategy & Practice Development
Contribute to TPRM practice growth, solution development, and proposal responses.
Support pre-sales discussions, client presentations, and account expansion initiatives.
Stay current with emerging regulatory, cyber, and third-party risk trends.
Required Skills & Experience
10+ years of experience in TPRM, GRC, Cyber Risk, or Technology Risk roles.
Strong hands-on experience delivering GCC and global client engagements .
Prior experience with Big4 or top-tier consulting firms (preferred).
Deep understanding of vendor risk domains: information security, cyber, data privacy, business continuity, and regulatory risk.
Proven experience leading large teams and complex programs.
Excellent stakeholder management, communication, and executive presentation skills.
Certifications (Preferred)
CISA, CISM, CISSP
ISO 27001 Lead Auditor / Lead Implementer
CRISC or equivalent risk certifications
Education
Bachelor’s degree in Engineering, Technology, or related field
MBA or relevant postgraduate qualification is a plus
Position Requirements
10+ Years
work experience
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×