π Elevate Your Career with EY | Third-Party Risk Management (TPRM) Role
π’ Location: Hyderabad, Gurugram, Bengaluru
π₯ Experience Required: 1 – 3 years
π° Salary: Competitive, Not Disclosed
π Employment Type: Full-time, Permanent
π About EY – Building a Better Working World
EY is a global leader in assurance, consulting, strategy, tax, and transactions, empowering businesses with innovative solutions and technology-driven insights. With a presence in over 150 countries, EY helps clients grow, transform, and operate successfully while maintaining the highest standards of trust and integrity.
As a company committed to diversity, inclusivity, and sustainable business practices, EY offers an empowering and collaborative environment where your ideas matter.
Why EY?
β
Work with industry-leading professionals in a dynamic, global work environment.
β
Opportunities for continuous learning and career growth.
β
Competitive salary and attractive benefits.
β
Flexible work arrangements to support work-life balance.
β
A culture that values innovation and collaboration.
πΌ Role Overview: TPRM Analyst/Staff
As a Third-Party Risk Management (TPRM) Analyst/Staff, you will play a critical role in helping organizations identify and mitigate risks associated with third-party vendors. You will be part of EY’s Risk Management & Compliance team, ensuring that businesses maintain the highest security standards while engaging with external vendors.
This is an excellent opportunity to develop expertise in information security, vendor risk management, compliance frameworks, and IT strategy consulting. If you are passionate about cybersecurity, risk assessment, and regulatory compliance, this role is perfect for you!
π Key Responsibilities
-
Risk Assessment & Compliance
- Conduct in-depth third-party risk assessments to evaluate vendor security posture.
- Assess business cycle controls (BCCs) and general computer controls (GCCs) for third-party systems.
- Ensure compliance with industry regulations such as ISO 27001, PCI DSS, SSAE16, HIPAA.
- Review security policies and procedures, ensuring alignment with corporate risk management strategies.
-
Vendor Management
- Maintain strong relationships with client management and vendors.
- Identify and mitigate operational risks associated with third-party engagements.
- Collaborate with vendors to ensure compliance with security and governance requirements.
- Define and perform audit procedures to assess security risks.
-
IT Strategy & Consulting
- Assist in IT strategy reviews and security audits to enhance cybersecurity measures.
- Contribute to the development of risk mitigation frameworks for clients.
- Provide insights on emerging security threats and recommend proactive risk management strategies.
-
Security Policy Development
- Create and refine security policies tailored to third-party engagements.
- Develop strategies to enhance application security, infrastructure security, and network security.
-
Project & Team Management
- Lead small risk management projects and contribute to larger consulting engagements.
- Work closely with cross-functional teams to implement risk management frameworks.
- Maintain up-to-date documentation of risk assessments, policies, and compliance measures.
π§ Skills & Attributes for Success
Technical Skills:
β
Strong knowledge of third-party risk management frameworks and security standards (ISO 27001, PCI DSS, HIPAA).
β
Proficiency in risk assessment tools, IT security controls, and vendor compliance audits.
β
Familiarity with cybersecurity principles, data protection laws, and cloud security best practices.
Soft Skills:
π Analytical Thinking: Ability to analyze security risks and recommend effective solutions.
π Collaboration: Strong team player with the ability to work across departments.
π Communication: Excellent verbal and written communication skills for engaging with vendors and stakeholders.
π‘ Problem-Solving: Quick thinker with the ability to address security challenges proactively.
π Qualifications & Requirements
- Educational Background: BE/BTech/MCA in Information Security, Computer Science, IT, or related fields.
- Experience: 1-3 years in risk management, IT security audits, or compliance roles.
- Certifications (Preferred): ISO 27001 Lead Auditor, CISA, CISSP, CRISC, or similar security certifications.
- Prior Experience in: Vendor risk assessments, IT security consulting, and cybersecurity frameworks.
π Why You Should Join EY
EY is more than just a workplaceβitβs a career accelerator where your talents are recognized, and your ambitions are nurtured. As a member of our TPRM team, you will enjoy:
-
Career Growth & Learning
- Gain hands-on experience in a fast-paced environment.
- Work on real-world security challenges with top industry experts.
- Access continuous learning opportunities, mentorship programs, and leadership training.
-
Competitive Benefits
- Attractive Salary Packages with performance-based incentives.
- Hybrid Work Model for flexibility and work-life balance.
- Health Insurance, Professional Development Allowance, and Retirement Benefits.
- Paid Time Off & Wellness Programs to support your well-being.
-
Inclusive & Innovative Work Culture
- EY is committed to diversity, inclusion, and innovation. Our culture fosters creativity, collaboration, and respect, ensuring every employee can thrive and grow.
πΌ How to Apply?
Ready to take the next step in your career? Apply now and become part of an exciting journey at EY! Click the “Apply Now” button below or visit our careers page.
π― Application Process:
- Submit your resume and application online.
- Shortlisted candidates will receive an interview invitation via email.
- Complete the technical assessment (if applicable).
- Attend virtual or in-person interviews with our expert panel.
- Receive an offer letter and begin your exciting career journey with EY!
π Application Deadline: Rolling Applications β Apply ASAP!
Join EYβs TPRM team and contribute to building a better, more secure working world. We canβt wait to see you grow with us! π
