Third Party Security Risk Analyst
On-site · Bengaluru, Karnataka, India
Job Summary
Execute TPSRM activities across the full lifecycle, including onboarding risk segmentation, due diligence assessments, contracting security review, continuous monitoring tasks, and supplier offboarding checks. Perform detailed third-party cybersecurity risk assessments, analyzing supplier responses, evaluating inherent and residual risks, validating supporting evidence, and documenting findings in accordance with TPSRM methodology. Identify security gaps and support remediation governance, including proposing remediation actions, tracking supplier commitments, validating closure evidence, and escalating overdue or high-risk items. Support continuous monitoring, conducting periodic reassessments, reviewing supplier security alerts/events, following up on incidents, and supporting onsite visit preparation where required. Coordinate operational interactions with suppliers, business requestors, Procurement, TPRM, Legal, and security engineering teams, ensuring that assessments and risk decisions are completed efficiently and accurately. Maintain high quality documentation, ensuring that assessments, remediation plans, evidence, risk ratings, and decisions are accurate, complete, consistent, and audit ready.
Required Qualifications
- Bachelor’s degree in Cybersecurity, Information Systems, Technology, Engineering, or a related field
- 5–7 years in security assurance, supplier assessments, technology risk, or GRC
- Experience performing cybersecurity or supplier risk assessments
- Familiarity with TPRM or TPSRM programs and supporting technologies
- Understanding of threat vectors, control requirements, and remediation planning
- Experience reviewing security evidence such as SOC 2 reports, penetration tests, and policy documentation
- Experience working with TPRM platforms, GRC tools, assessment systems, or security questionnaires
- Experience managing Third-Party Risk Management tools, such as OneTrust and UpGuard
Apply with one swipe on Sorce. We auto-fill applications and apply on your behalf — no cover letters, no 40-minute forms.
Hiring someone like this?
Get your role in front of qualified candidates on Sorce.