
Third Party Risk Management (TPRM) Consultant - Principal

Job in Germany, Pike County, Ohio, USA
Listing for: Infosys Consulting
Full Time position
Listed on 2026-05-30
Job specializations:
  • IT/Tech
    Cybersecurity, IT Consultant, IT Project Manager, Information Security
Salary/Wage Range or Industry Benchmark: 120000 - 150000 USD Yearly
Job Description & How to Apply Below
Position: Third Party Risk Management (TPRM) Consultant - Principal
Location: Germany

We are seeking an experienced Principal Third Party Risk Management (TPRM) Consultant to lead and shape our Third Party Risk and GRC services within the cyber security consultancy. This is a senior leadership role responsible for driving strategy, managing complex client engagements, and delivering enterprise-scale TPRM and GRC programmes across multiple industries. As a subject matter expert in Third Party Risk Management, Governance, Risk & Compliance (GRC) and vendor risk frameworks, you will design, implement, and operate robust third‑party risk management frameworks that align with regulatory, security, and business requirements.

You will act as a trusted advisor to clients, lead large transformation initiatives, manage teams, and ensure high‑quality delivery of risk, compliance, and assurance services.

Key Responsibilities:
  • TPRM Proposals & Strategy: Lead the development of TPRM and GRC proposals, defining scope, delivery models, governance structures, and operating models. Design enterprise-level Third Party Risk Management strategies aligned with regulatory, operational, and cyber risk requirements.
  • Client Engagement Leadership: Lead and manage complex client engagements in Third Party Risk Management, vendor risk, and GRC. Act as engagement lead and trusted advisor for executive stakeholders (CISO, CRO, Risk, Compliance, Procurement, Legal). Ensure successful delivery of TPRM services including assessments, frameworks, tooling, and operationalisation.
  • Security Assessment & Audit Leadership: Lead third‑party security assessments, audits, and assurance activities. Define assessment methodologies, risk scoring models, control frameworks, and reporting structures. Oversee supplier due diligence, onboarding risk processes, and continuous monitoring programmes.
  • Technical & Methodological Authority: Serve as subject matter expert for TPRM, GRC platforms, and vendor risk methodologies. Provide leadership in the use of GRC and TPRM tooling (e.g. OneTrust, Archer, ServiceNow GRC, similar platforms).
  • Framework Design & Governance: Design and implement scalable Third Party Risk frameworks, policies, standards, and operating models. Align TPRM frameworks with industry standards and regulatory requirements (e.g. ISO 27001, NIST, SOC2, GDPR, DORA, NIS2).
  • Project, Delivery & Programme Leadership: Act as Project Manager, Delivery Lead, and Programme Lead for large‑scale TPRM initiatives. Manage multi‑stream delivery, dependencies, risks, and stakeholder alignment.
  • Team Leadership & Management: Lead, mentor, and develop a team of consultants (up to 5 direct reports). Build high‑performing delivery teams and ensure capability development in TPRM and GRC.
  • Risk & Compliance Management: Identify, assess, and manage third‑party risks across cyber, operational, regulatory, and reputational domains and advise clients on risk treatment strategies, remediation plans, and control improvements.
  • Continuous Improvement & Innovation: Drive continuous improvement in TPRM methodologies, delivery models, and service offerings and stay current with regulatory developments, emerging risks, and industry best practices in third‑party risk and supply chain security.
Essential Skills and Experience:
  • Extensive experience in Third Party Risk Management (TPRM) and Governance, Risk & Compliance (GRC) at enterprise level.
  • Strong background as Security Assessor, Auditor, and Risk Consultant.
  • Proven experience leading TPRM, vendor risk, and supplier assurance programmes.
  • Experience acting as Project Manager, Delivery Lead, and Programme Lead for complex engagements.
  • Strong knowledge of regulatory and security frameworks: ISO 27001, NIST, SOC2, GDPR, DORA, NIS2, etc.
  • Hands‑on experience with GRC / TPRM platforms, specifically OneTrust.
  • Ability to design and implement third‑party risk frameworks, policies, and governance models.
  • Strong stakeholder management skills at executive and board level.
  • Proven people management experience, including team leadership and mentoring.
  • Ability to balance security, risk, compliance, and business enablement.
Qualifications:
  • Minimum 10 years of experience in cyber security, risk management, GRC, audit, or related domains.
  • CISA (Certified Information Systems Auditor) strongly preferred.
  • Lead Auditor certification (e.g. ISO 27001 Lead Auditor) highly desirable.
  • Additional certifications such as CISM, CRISC, CISSP are an advantage.
  • Experience working across multiple industries (e.g. Financial Services, Healthcare, Critical Infrastructure, Government, Technology).
  • Experience with regulatory‑driven environments and compliance‑led transformation programmes.