
Manager, Third Party Risk Management

India, Bengaluru · Job Posted June 14, 2026

Job Description

We are seeking an experienced Third-Party Risk Management (TPRM) Manager to own and mature Arrive's global third-party risk program. Reporting to the Risk & Compliance Lead, this role will serve as the single point of accountability for third-party security risk across the Arrive Group. This is a strategic governance role focused on enabling business growth while ensuring vendors, partners, and suppliers meet Arrive's security, resilience, and regulatory expectations. The ideal candidate will combine strong vendor risk assessment expertise, regulatory alignment experience, and senior stakeholder management capability in a global environment.

Job Responsibility

  • Lead security risk assessments for new and existing third parties (SaaS, cloud, fintech vendors, payment processors)
  • Review and analyze vendor certifications and assurance artifacts (ISO 27001, SOC 1/2, PCI DSS, GDPR documentation)
  • Evaluate third-party control effectiveness and document risk findings
  • Drive remediation tracking and closure with vendors and internal stakeholders
  • Maintain and mature standardized third-party assessment frameworks
  • Translate technical findings into business-aligned risk insights
  • Advise leadership on risk acceptance, mitigation, and compensating controls
  • Maintain a defensible third-party risk register and reporting structure
  • Support procurement decisions through risk scoring and tiering models
  • Partner with Legal and Procurement to embed security requirements in contracts (MSA, DPA, security addendums)
  • Ensure alignment with ISO 27001, PCI DSS, GDPR, NIS2, SOC, and other regulatory frameworks
  • Validate subcontractor and supply-chain security obligations
  • Support customer due diligence and regulatory inquiries related to vendor security
  • Own and continuously enhance the TPRM lifecycle (onboarding, assessment, monitoring, offboarding)
  • Define and track KPIs for vendor risk posture (coverage, remediation time, risk trends)
  • Support internal and external audits by providing third-party assurance evidence
  • Leverage GRC or TPRM tools to automate workflows and reporting
  • Scale the TPRM program in line with business growth and geographic expansion
  • Drive ongoing enhancement of the TPRM framework, processes, and tooling to align with evolving regulatory and business requirements
  • Identify gaps and implement process efficiencies to strengthen risk mitigation and stakeholder experience
  • Monitor industry best practices and emerging risks to proactively refine the third-party risk management program
  • Design and implement TPRM KPIs and KRIs to measure third-party risk exposure, assessment coverage, remediation timelines, and control effectiveness
  • Develop executive dashboards and periodic reporting to provide data-driven insights to senior leadership and governance forums
  • Monitor performance against defined risk thresholds and drive accountability through structured reporting and escalation mechanisms
  • Act as primary security liaison for Procurement, Legal, IT, and Business Units
  • Provide clear guidance on third-party security expectations
  • Drive a security-enablement mindset across the organization
  • Present risk updates to senior leadership and governance forums

Requirements

  • 12+ years of experience in information security, risk management, GRC, or third-party risk management
  • Proven experience leading or owning a Third-Party Risk Management program in a complex, global organization
  • Strong understanding of ISO 27001, NIS2, SIG, and vendor risk frameworks
  • Proven experience assessing SaaS, cloud, and technology vendors
  • Experience partnering with Legal and Procurement teams
  • Experience maintaining risk registers and executive-level reporting
  • Strong stakeholder communication and presentation skills
  • Experience supporting audits and regulatory compliance activities

Nice to have

  • Experience implementing or managing a TPRM platform/tool
  • Exposure to NIS2, revDSG, or other European regulatory frameworks
  • Experience in fintech, payments, SaaS, or high-growth digital environments
  • Certifications such as CISSP, CISM, CRISC, ISO 27001 Lead Implementer/Auditor
  • Experience aligning vendor risk programs with enterprise risk frameworks (NIST, CIS)

Similar Jobs for Manager, Third Party Risk Management

8 matching positions

Third Party Risk Management Manager

About the Company: A leading global provider of integrated financial services so...
Location: Singapore, Singapore
Salary: Not provided
Randstad
Expiration Date: July 05, 2026
Requirements
  • Industry Knowledge: Deep understanding of MAS Outsourcing Guidelines and regulatory landscapes within the insurance or financial sectors.
  • Technical Proficiency: Skilled in Microsoft Office Suite; familiarity with dedicated TPRM software platforms is highly regarded.
  • Strategic Capability: Proven ability to design and execute effective risk mitigation strategies in complex environments.
Job Responsibility
  • Oversee and refine the enterprise-wide framework for managing outsourcing and external vendor risks.
  • Strengthen the governance structure to ensure rigorous oversight of both internal group and external partner risks.
  • Maintain the integrity of the Supplier Risk Management system and its associated data.
  • Adapt the risk assessment methodology to align with evolving regulatory standards and industry mandates.
  • Detect and report critical concerns regarding vendors, specifically focusing on concentration and fourth-party risk factors.
  • Work closely with cross-functional teams, including Legal, Compliance, Security, and Audit, to address and escalate risks across the three lines of defense.
  • Facilitate the execution of initial and periodic due diligence and performance assessments for critical outsourcing agreements.
  • Direct administrative and strategic support for the Outsourcing Working Group and Governance Committee, including documentation and action-item tracking.
  • Conduct annual reviews of procedural templates and lead training sessions for internal stakeholders and contract managers.
  • Manage regulatory registers and internal knowledge repositories to ensure compliance and accessibility.
  • Fulltime

Senior Risk Manager - Third Party Risk

The role supports the Head of Operational Risk in the oversight and management o...
Location: United Kingdom, London
Salary: Not provided
Social Value Portal Ltd
Expiration Date: Until further notice
Requirements
  • Degree level educated or an equivalent combination of education training and experience with third-party frameworks and industry standards and/or relevant professional qualification (e.g., IRM International Certificate in Operational Risk, Practitioner Certificate in Information Management, etc.)
  • Proven third party risk expertise, preferably with knowledge of relevant standards such as ISO 27001, ISO 22301, NIST, and COBIT
  • A strong understanding of the Lloyd's or wider company insurance market and frameworks is preferable
  • Knowledge and experience of risk management frameworks and tools
  • Demonstrate effective understanding of relevant TPRM regulations for a global organisation operating across the UK, EU, US and Asia
  • Understanding of the commercial drivers and dynamics affecting risk decisions in the insurance sector, as well as operational and risk processes found within an international insurance group
  • Ability to build strong partnering relationships with a wide range of stakeholders, in particular the 1st Line TPRM team
  • Ability to interact professionally and with credibility and manage expectations of management and key stakeholders
  • Ability to manage time, meet deadlines and prioritise
Job Responsibility
  • Provide independent oversight and effective challenge to first-line operational risk activities
  • Review, challenge and contribute to the Third Party Risk Management (TPRM) framework, policies and standards
  • Support the Head of Operational Risk in facilitating regular Risk & Control Self Assessments (RCSAs) with first line risk owners and stakeholders, ensuring the assessments are performed and documented accordingly
  • Oversee the management of delegated authority risk within Underwriting, Claims and Operations as part of the TPRM framework
  • Ensure consistent risk tiering and materiality assessments for all third parties
  • Review and challenge residual risk assessments, risk acceptances, and exceptions related to Operational Risk
  • Oversee integration of Third Party Risk into operational resilience, technology, cyber, and data frameworks
  • Support the implementation and maintenance of a robust control environment with clear ownership and accountability within the business, ensuring control documentation remains accurate and current
  • Develop and monitor key risk indicators (KRIs) and support risk appetite monitoring and management
  • Work collaboratively with 1st Line and Risk domain teams, supporting the embedding of the Operational Risk and TPRM framework into the organisation and across the 3 Lines of Defence model
  • Fulltime

Business Analyst – Third Party Risk Management

Our client, a leading organization in the financial services industry, is seekin...
Location: Canada, Toronto
Salary: 40.00 - 44.00 USD / Hour
Randstad
Expiration Date: July 17, 2026
Requirements
  • 2–5 years of experience in Third-Party Risk Management (TPRM), Vendor Risk Management, Compliance, Audit, or Operational Risk
  • Hands-on experience conducting inherent risk assessments, financial due diligence reviews, adverse media screenings
  • Strong understanding of the vendor risk lifecycle, including onboarding, monitoring, and governance
  • Strong analytical, communication, and stakeholder management skills
  • Bachelor’s degree or equivalent professional experience
Job Responsibility
  • Conduct inherent risk assessments to evaluate third-party risks based on service criticality, data sensitivity, and regulatory impact
  • Perform financial due diligence reviews, including supplier financial health analysis and credit evaluations
  • Conduct adverse media and reputational risk screenings
  • Assess supplier risk posture and identify areas requiring mitigation or additional due diligence
  • Provide guidance and training to business stakeholders and contract owners on third-party risk management practices
  • Support ongoing supplier monitoring activities and governance reviews
  • Track and manage risk findings, policy exceptions, and remediation activities
  • Monitor supplier risk indicators including financial performance, adverse media, and emerging global risks
  • Maintain accurate risk documentation and support a consistent risk-based vendor oversight approach
  • Ensure adherence to internal TPRM policies, standards, and regulatory expectations
What we offer
  • Opportunity to work with a well-established financial services organization
  • Exposure to enterprise-level Third-Party Risk Management initiatives
  • Collaborative and professional team environment
  • Hybrid work model with a balance of onsite and remote flexibility
  • Potential for contract extension and long-term conversion opportunities
  • Involvement in governance, compliance, and emerging risk initiatives

Supplier Cyber Security Specialist - Third Party Risk Management

We are seeking a seasoned cyber security professional to lead the Vulnerability ...
Location: India, Bangalore
Salary: Not provided
Vodafone
Expiration Date: Until further notice
Requirements
  • Possess over 10 years of IT experience with a strong focus on cyber security, vulnerability management, and remediation
  • Proficient in tools such as QualysGuard VMDR, WAS, and cloud scanning solutions
  • Skilled in web application penetration testing and knowledgeable in OWASP, Kali Linux, Burp Suite, CVE, SSL PKI, IAM, SIEM, and perimeter security
  • Experienced in managing large-scale vulnerability scanning operations and reporting
  • Strong stakeholder management and communication skills
  • Solid understanding of networking and cyber security policies, standards, and procedures
Job Responsibility
  • Lead the Vulnerability Management and Responsible Disclosure team to strengthen Vodafone’s cyber defence capabilities
  • Drive vulnerability management initiatives, ensuring timely identification, communication, and remediation of threats
  • Oversee penetration testing activities related to responsible disclosures and support incident response during crises
  • Research emerging threats, including zero-day vulnerabilities, and ensure targeted scans and mitigation actions
  • Champion continuous improvement through automation and cross-functional collaboration
  • Act as a technical expert in security scanning and penetration testing
  • Foster team development through individual growth plans and maintain high engagement levels
  • Contribute to administrative and delivery initiatives across domains
What we offer
  • Opportunity to lead a high-impact domain within a global cyber security function
  • Exposure to cutting-edge vulnerability management tools and practices
  • Collaboration with international teams and stakeholders across Vodafone markets
  • A chance to influence Vodafone’s cyber risk strategy and operational resilience
  • A dynamic and inclusive work environment that values innovation and continuous improvement
  • Fulltime

Third Party Risk Management Analysis

Excellent temporary opportunity for legal professionals or others with solid Thi...
Location: United States, Minneapolis
Salary: Not provided
Beacon Hill
Expiration Date: Until further notice
Requirements
  • Must be MN candidates
  • Able to be on site in St. Paul, MN three days/week
  • Excellent verbal and written communication skills
  • At least five years of TPRM, legal and/or equivalent experience (Compliance, Fraud, Business, etc.)
Job Responsibility
  • Completing TPR assessments through research, interviews and consultation with internal experts to understand and quantify risks associated with third parties
  • Fulltime

Staff Engineer, Third Party Risk Management - Trust

At Vanta, our mission is to help businesses earn and prove trust. We believe tha...
Location: Canada
Salary: Not provided
Vanta
Expiration Date: Until further notice
Requirements
  • Extensive knowledge of Product delivery and system design
  • A decade or more of cross-org leadership experience in addition to overall years of experience
  • Strong ability to navigate ambiguity, manage stakeholder alignment, and synthesize technical direction
  • Known as a strategic leader who delivers impactful outcomes and enables others to succeed
  • Leads complex project portfolios across teams with full accountability for architecture and outcomes
  • Directly responsible for both execution coordination and high-quality personal contribution
  • Mentors engineers across the org; actively develops technical leadership in others
  • Recognized internally as a force for scale, clarity, and system-level thinking
  • Open to using AI to amplify their skills and strengthen their work - demonstrating curiosity, a willingness to learn, and sound judgment in applying AI responsibly to improve efficiency and impact
Job Responsibility
  • Own the technical roadmap for major product domains within the Trust org
  • Work across teams to turn ambiguous goals into aligned, well-architected execution plans
  • Lead execution by scoping, assigning, and coordinating work across multiple pods of engineers
  • Personally build the foundational pieces and unblock high-complexity work
  • Influence product strategy, grow technical talent, and define patterns and best practices org-wide
What we offer
  • Industry-competitive salary and equity
  • 100% covered medical, dental, and vision benefits with dependents coverage
  • Pension contribution
  • 16 weeks fully paid Parental Leave for all new parents
  • Health & wellness stipend
  • Remote workspace, internet, and cellphone stipend
  • Flexible work hours and location
  • 21 days of Vacation Time and 80 hours of Sick Leave
  • 11 company-paid holidays
  • Virtual team building activities, lunch and learns, and other company-wide events
  • Fulltime

Third Party Risk Manager

Third Party Risk Manager - Procurement & Risk Transformation - London - Newly Cr...
Location: United Kingdom, London
Salary: 65000.00 - 85000.00 GBP / Year
Bramwith Consulting
Expiration Date: Until further notice
Requirements
  • Hands-on experience in Third Party Risk Management or supplier risk operations
  • Exposure to financial services, fintech, consulting, or regulated environments
  • Strong understanding of operational risk processes and controls
  • Comfortable working in a fast-changing, growth-oriented business
  • Confident communicator who can engage stakeholders pragmatically
  • Experience working with offshore or remote teams is beneficial
  • Leadership potential is important, formal line management experience is not essential
Job Responsibility
  • Support the delivery of day-to-day Third Party Risk Management activity
  • Work closely with the offshore operations team to maintain quality and consistency
  • Ensure outputs meet internal standards and are audit ready
  • Track workflow, turnaround times, and key service measures
  • Act as a first point of contact for internal stakeholders on routine TPRM queries
  • Coordinate with Procurement to ensure risk assessments are triggered appropriately
  • Escalate higher-risk or complex cases to senior risk stakeholders when required
  • Contribute to reporting, MI, and insight packs for leadership
  • Support continuous improvement across tools, processes, and controls
What we offer
  • Package
  • Fulltime

Third Party Risk Manager

A highly motivated and hands-on professional to join the Supply Chain Security (...
Location: Netherlands, Amsterdam
Salary: Not provided
Levy Professionals
Expiration Date: Until further notice
Requirements
  • Knowledge and experience with setting up projects & deliverables within supply chain security / Third-Party Risk Management (TPRM)
  • Proven experience in executing information security risk assessments
  • Knowledgeable on one or more areas such as security processes, technology architectures, network security, application security, and vulnerability management
  • Experience with the ServiceNow TPRM module is a significant advantage
  • HBO or University degree
  • Excellent stakeholder management skills
  • A strong ability to translate technical risks into business risks and vice versa
  • Hands-on, self-organised, willing to finish and deliver (execution power)
  • Service-oriented professional who enjoys taking on an internal consultancy role
  • The working language within the team is English
Job Responsibility
  • Govern and manage IT vendor relationships concerning performance on the security aspects of underlying contractual obligations
  • Execute Vendor Security Risk Assessments and perform necessary follow-up actions, focusing on material risks
  • Ensure that information security risks are identified and managed effectively throughout all stages of the relationship with external vendors
  • Review the applicability and quality level of assurance reports issued by third parties
  • Manage the IT security-related part of vendor contracts, working closely with 2nd line functions such as legal, compliance, and procurement on contractual changes
  • Actively stay up-to-date with emerging cyber security trends, risk, and threat developments, and share this knowledge to help integrate them into the assessment program
  • Help solve security-related questions, take initiative, and escalate in time if needed
  • Signal improvements related to the way of working inside the team and contribute to improving the excellence of the service offering
  • Work according to the DevOps & Agile methodology, improving Supply Chain Security services based on user stories
  • Occasionally investigate and resolve incidents as they occur