Third Party Risk Manager

Responsibilities

• Your client responsibilities :
• Assess cybersecurity controls, programs and strategies using our proprietary framework and industry frameworks.
• NIST Risk Management Framework and Assessment and Authorization enhancement, operations, and governance.
• Cybersecurity focused Third-Party Risk management and/or Vendor Risk Management operations, assessment, and enablement.
• Maintain relationships with client management to manage expectations of service, including work products, timing, and deliverables. Demonstrate a thorough understanding of complex information systems and apply it to client / Vendor situations.
• Plan & deliver on client / Vendor engagements. Provide regular status updates on the engagements and work products.
• Actively contribute to improving operational efficiency on projects & internal initiatives.
• Demonstrate industry expertise (deep understanding of the industry, emerging trends, issues/challenges, key players & leading practices).
• Maintain a strong client focus by effectively serving client needs and developing productive working relationships with client personnel.
• Drive high-quality work products within expected timeframes while ensuring stakeholders are kept informed about progress and expected outcomes.
• Your people responsibilities :
• Demonstrate teamwork, integrity, values, principles, and work ethic and lead by example.
• Driving the quality culture agenda at Crowe.
• Participating in the organization-wide people initiatives.
• Desired / Required skills :
• Relevant 7+ years' experience in Information security, risk management, vendor/ third-party risk assessment.
• Experience in handling a team of 4 or more is required.
• Onsite Vendor audit experience is desired
• Industry certifications - ISO 27001 Lead Auditor, CISA, CISSP, CISM, CCSP, CTPRA and any cloud Certifications is an added advantage.
• Good knowledge of Privacy, Governance and reporting.
• Excellent written and verbal communication skills.
• Strong Auditing skills are mandatory.
• Cloud Security fundamentals are desired.
• Strong problem solving and logical approach skills.
• Consistent display of technical proficiency.
• Ability to work under pressure with stringent deadlines and tough client conditions which may demand extended working hours.
• Willingness to travel, when required.
• Technical Skills :
• Expertise in cyber security including standards such as IS0 27001, PCI-DSS, IS0 22301, Privacy etc.
• Hands on experience in assessing Audit reports like SOC2 Type2 reports, Penetration testing reports, Vulnerability assessment reports, PCI DSS reports etc.
• Sound knowledge of technical domains such as network security, cloud security, application security, control testing, legal and compliance, data privacy, human resource related controls, supply chain, environmental security, cryptography.
• Strong knowledge of concepts such as vendor risk profiling, country risk assessment, outsourcing/ technology regulations exposure.
• Good knowledge of IT infrastructure.
• Knowledge of incident management, disaster recovery and business continuity management.
• Sound familiarity with Secure SDLC standards / frameworks.
• We expect the candidate to uphold Crowe's values of Care, Trust, Courage, and Stewardship. These values define who we are. We expect all of our people to act ethically and with integrity at all times.

Benefits

Additional Information

Your Journey at Crowe Starts Here: At Crowe, you can build a meaningful and rewarding career. With real flexibility to balance work with life moments, you're trusted to deliver results and make an impact. We embrace you for who you are, care for your well-being, and nurture your career. Everyone has equitable access to opportunities for career growth and leadership. Over our 80-year history, delivering excellent service through innovation has been a core part of our DNA across our audit, tax, and consulting groups. That's why we continuously invest in innovative ideas, such as AI-enabled insights and technology-powered solutions, to enhance our services. Join us at Crowe and embark on a career where you can help shape the future of our industry. Job Description: Job purpose : Manager in the Crowe's Third-Party Risk Management team to work on various TPRM projects for our customers / Clients across the globe. You will be responsible for delivering on accounts in accordance with Crowe's quality guidelines & methodologies. You will need to execute and coordinate on accounts and relationships on a day-to-day basis for the firm. Establishing, strengthening, and nurturing relationships with Vendors, Clients and internally across service lines and proactively will also be a part of your day-to-day activities. You will assist in developing new methodologies and internal initiatives and help in creating a positive learning culture within the Organization. In line with Crowe's commitment to quality, you'll confirm that work is of the highest quality as per Crowe's quality standards.

Your Match

How well this role fits your profile.

Company Intel

What employees say

Worked at crowe? Share your experience