GMS-Staff-MS-RSS

Your key responsibilities

• Participate in the delivery of Third-Party Risk Management (TPRM) engagements covering walkhroughs, testing, documentation and other engagement related activities         .
• Participate  in vendor calls / client interactions by providing delivery updates.
• Follow policies and procedures that support the successful implementation of TPRM operating models.
• Participate in process walkthrough discussions to assist in documenting end-to-end business processes and functional requirements.
• Participate in assessing the application of legal and regulatory requirements to clients TPRM practices.
• Participate in technology enhancement requirements such as Automation, Data Analytics, AI to support TPRM processes.
• Understand the process gaps and propose preventive/corrective action where appropriate.
• Demonstrate a keen interest in developing knowledge of market trends, competitor activities, EY products, and service lines.
• Adhere strictly to fulfill project activities to achieve exceptional client service
• Work effectively as a team member, sharing responsibility, providing support, maintaining communication, and updating senior team members on progress.
• Conduct research and assist senior team members in preparing client presentations and information memorandums.
• Continuously strive towards exceeding client & team expectations and work on increasingly complex assignments.
• Support management in the preparation of proposals and business development materials.
• Bring out of the box thinking mindset and analytical thinking capability to enhance service delivery.

Skills and attributes for success

• Maintain an educational program to develop personal skills continually.
• Constantly upskilling as per market trends.
• Understand and follow workplace policies and procedures.
• Exhibit initiative and participate in corporate social and team events.

To qualify for the role, you must have

• B.Tech (IT/Computer Science), BSc.(IT), BE, MCA, from a tier1 or tier 2 college.
• 1 to 4 years of demonstrated experience with Risk Management, preferably in the Third-Party engagement lifecycle (pre-contracting, contracting, and post contracting).
• Basic understanding of the TPRM framework, Risk Management, Information Security practices.
• Good to have exposure in Contract Risk Reviews.
• Good exposure in TPRM tools and technology solutions (e.g., GRC enablement solutions, such as Process Unity, Prevalent, Archer, ServiceNow, etc.).
• Basic knowledge of standards such as ISO 27001/2, ISO 22301, ISO 27018, PCI – DSS, HITRUST, etc.
• Basic knowledge of privacy regulations such as GDPR, CCPA, etc.
• Basic knowledge of regulations such as FISMA, HIPAA, Reg SCI, MAS, etc.
• Basic knowledge of TCP/IP, concepts of OSI layer and protocols, networking and security concepts, Physical & Environmental Security, Asset Security and Identity & Access Management.
• Good to have certifications - CISSP, CISA, CISM, CTPRP, CIPP, ISO 27001 Lead Auditor or Lead Implementer

Ideally, you’ll also have

• Exposure to tools like ProcessUnity, ServiceNow, Archer.