Third-Party Risk Management (TPRM) - Lead

At Broadridge, we've built a culture where the highest goal is to empower others to accomplish more. If you’re passionate about developing your career, while helping others along the way, come join the Broadridge team. About Us: Broadridge Financial Solutions is a global fintech leader providing technology-driven solutions that help banks, broker dealers, asset managers, and public companies operate efficiently and transform their businesses. Broadridge is known for delivering critical infrastructure for investor communications, trading, governance, and capital markets operations. With a strong culture of innovation, operational excellence, and client focus, Broadridge empowers associates to solve complex business challenges and contribute to meaningful outcomes across the global financial ecosystem. Position Overview: We are seeking a highly skilled and motivated Third-Party Risk Management (TPRM) Lead to join our team. The ideal candidate will have 4 to 7 years of dedicated experience in developing, managing, and maturing a comprehensive TPRM program. This role requires a thorough understanding of vendor lifecycle management, risk assessment methodologies, and compliance requirements. This role offers the opportunity to collaborate with procurement, compliance, information security, and operational risk teams across multiple geographies, contributing to a mature and efficient TPRM framework. Key Responsibilities A. TPRM Program Management: Lead the day-to-day operations and continuous improvement of the TPRM program, ensuring alignment with organizational risk appetite and regulatory requirements. Develop, maintain, and enforce TPRM policies, standards, and procedures. Manage the end-to-end vendor risk lifecycle, from initial on-boarding through offboarding. Track remediation activities and engage stakeholders to ensure timeliness B. Risk Assessment & Due Diligence: Conduct and oversee robust due diligence assessments of new and existing third parties, focusing on security, privacy, resilience, and regulatory compliance. Evaluate Service Organization Control (SOC) reports (e.g., SOC 1, SOC 2, SOC 3) and other assurance documentation to identify control gaps and inherent risks. Drive the reassessment process for critical and high-risk vendors based on defined frequency and trigger events. Ensure remediation of identified risks by tracking and validating corrective action plans. C. Performance Monitoring & Reporting: Implement, and maintain vendor scorecards and performance metrics to continuously monitor vendor risk posture and adherence to contractual obligations. Prepare and present clear, data-driven reports on the overall TPRM status, high-risk vendors, and key performance indicators to senior management and relevant committees. D. Incident Management & Response: Serve as the primary point of contact and lead for coordinating the response to security or operational incidents involving third parties. Validate vendor incident management processes and ensure timely and effective communication and resolution during a third-party breach or disruption. Collaborate with internal stakeholders and SME groups from different domains and work towards an action plan. E. Knowledge of ProcessUnity (ERP Tool): This is not mandatory but having a hands-on experience is an added advantage. F. Team Leadership & Governance: Provide day-to-day guidance to TPRM analysts and support workload prioritization. Act as delegate for the India TPRM Manager, overseeing BAU operations, escalations, and stakeholder engagement in their absence. Review team outputs for quality, consistency, and adherence to standards. Educate stakeholders and business owners on vendor risk requirements supporting first-line engagement Drive policy awareness Required Qualifications: A minimum of 4 years and a maximum of 7 years of direct experience managing a TPRM or Vendor Risk Management program. Thorough knowledge of TPRM program components and industry best practices (e.g., ISO 27001, SOA, shared assessments). Expertise in interpreting and utilizing SOC report data, specifically understanding the scope, control objectives, and impact on the organization. Proven ability to execute a comprehensive due diligence process across various risk domains (Information Security, Business Continuity, Compliance, Financial Stability). Demonstrated experience with incident management and crisis response in the context of third-party events. Familiarity with creating and analyzing vendor scorecards for performance and risk tracking. People leadership experience is highly desirable. Strong analytical, organizational, and communication skills. Ability to effectively negotiate and influence internal stakeholders and external vendors. We are dedicated to fostering a collaborative, engaging, and inclusive environment and are committed to providing a workplace that empowers associates to be authentic and bring their best to work. We believe that associates do their best when they feel safe, understood, and valued, and we work diligently and collaboratively to ensure Broadridge is a company—and ultimately a community—that recognizes and celebrates everyone’s unique perspective. Use of AI in Hiring As part of the recruiting process, Broadridge may use technology, including artificial intelligence (AI)-based tools, to help review and evaluate applications. These tools are used only to support our recruiters and hiring managers, and all employment decisions include human review to ensure fairness, accuracy, and compliance with applicable laws. Please note that honesty and transparency are critical to our hiring process. Any attempt to falsify, misrepresent, or disguise information in an application, resume, assessment, or interview will result in disqualification from consideration. Broadridge Financial Solutions (NYSE: BR) is a global technology leader with trusted expertise and transformative technology, helping clients and the financial services industry operate, innovate, and grow. We power investing, governance, and communications for our clients – driving operational resiliency, elevating business performance, and transforming investor experiences. Our technology and operations platforms process and generate over 7 billion communications annually and underpin the daily average trading of over $15 trillion in equities, fixed income, and other securities globally. A certified Great Place to Work®, Broadridge is part of the S&P 500® Index, employing over 15,000 associates in 21 countries. LinkedIn Facebook Instagram Twitter YouTube Glassdoor The Muse Broadridge is committed to creating an engaging workplace for the most talented associates in our industry. We are dedicated to fostering a collaborative, inclusive, and healthy environment that promotes flexibility and accountability. As a leading provider of technology, communications, and data and analytics solutions to businesses around the world, it is critical that we understand, embrace, and operate in a multicultural environment. Every associate has unique strengths, which, when fully appreciated and embraced, allow individuals to perform at their best, leading to our success. We believe that our associates are our most important asset. Encouraging professional development opportunities is a core part of our culture. Broadridge provides educational opportunities, including formal classes, training programs and events. To enable learning in our hybrid working model, Broadridge has redesigned all development programs for 100% virtual delivery. Our associates have access to 8,500+ online courses covering business, leadership, technical, and function-specific topics through our LinkedIn Learning program.