Job Description: Key Responsibilities:
- TPRM Governance & Framework: Follow and enhance the enterprise TPRM framework so that it is aligned to regulatory expectations (DORA, FCA, PRA, ISO 27001, NIST, SOC, GDPR). Define and maintain TPRM policies, standards, procedures, and control requirements. Ensure consistency and standardization across onboarding, periodic reviews, and exit processes.
- Third-Party Lifecycle Management: Manage the end-to-end third-party lifecycle, including onboarding and due diligence, risk tiering and inherent risk assessments, ongoing monitoring, reassessments, and exit activities.
- DORA Compliance & Operational Resilience: Ensure critical and high-risk suppliers meet enhanced due diligence and resilience requirements. Embed DORA requirements into third-party risk processes. Assess ICT third-party service providers for operational resilience, business continuity and disaster recovery, and cybersecurity and incident management. Support mapping of important business services and critical third parties. Contribute to resilience testing, scenario analysis, and concentration risk assessments.
- Risk Assessments & Due Diligence: Review and approve Due Diligence Questionnaires (DDQs), SOC reports, ISO certificates, penetration testing summaries, BCP/DR results, and financial stability information. Identify gaps, raise issues, and ensure risk-based remediation plans are in place.
- Issue Management & Remediation: Track findings, actions, and remediation progress.
- Stakeholder Management: Develop dashboards and management reporting. Present insights to senior management and risk committees.
- Process Improvement & Automation: Drive enhancements to tools, workflows, and templates.
- Support implementation or optimization of TPRM systems (e.g., Ariba, ServiceNow, OneTrust, Archer, Decision Focus, etc.).
Responsibilities: Strong knowledge of:
- DORA
- UK/EU financial services regulations
- Operational resilience frameworks
- Hands-on experience with DDQs, risk assessments, and control testing.
- Strong understanding of information security, cybersecurity, BCP/DR, and ICT risks.
- Experience engaging with auditors, regulators, and internal risk teams.
- Excellent communication and stakeholder management skills.
- Ability to balance regulatory rigor with pragmatic business solutions.
Qualifications: Required Experience & Skills
- 7-12 years of experience in Third Party Risk Management, Operational Risk, or Supplier Risk.