Third Party Security Assessor
Mumbai, Maharashtra, India
Third Party Security Assessor
- 202509060
- Mumbai, Maharashtra, India
- Full time
Description
About the Team:
Information and Cyber Security team aims at protecting WTW, our colleagues and our clients confidential information by assuring its handled securely by security assessing assets and Third parties as well as assuring client legal obligations with control owners globally.
-
Key Responsibilities
▪ Leading and coordinating the completion of third-party assessment requests against WTW best practice and global standards and controls.
▪ Scheduling periodical re-assessment in line with standards and controls.
▪ Agree scheduled checkpoints with the third party and WTW Service Owner on evidencing remediations and maintaining central repository; these are tracked through to closure.
▪ Providing comprehensive reporting across operational and security KPIs related to third-party assurance activities and identifying gaps, risks, and therefore mitigating actions, and raising appropriate escalations for decision with Head of ICS Third Party Supplier Assurance.
▪ Providing risk-based assurance advice on all information security issues.
▪ Provide key information to leadership as input for prioritizing the future strategy for the organization.
▪ Coordinate with the CISO Office and the Internal Audit function in order to coordinate the execution of internal and external audits and manage the delivery of the required remediation activities in a timely manner.
▪ Assisting and collaborating with internal teams on third-party security incidents investigation and response.
▪ Assist in developing and continuously improving third-party risk management frameworks and processes to help ensure that the information security controls outlined in the policies and standards are effectively applied by third-party providers. Required Skills
Third-party risk management
IT General Controls (ITGC)
Security audits and compliance
Review of SOC 2 and other security assessment reports
Nice to Have
Information security certifications (CISM, CISSP, etc.)
Knowledge of security and privacy regulations
Basic understanding of security operations
Soft Skills
Strong communication and stakeholder management
Ability to work well in teams
Adaptable and proactive mindset
Qualifications
Degree in Business, Information Technology, or a related field
4+ years of experience in third-party risk, information security, or governance
We’re committed to equal employment opportunity and provide application, interview and workplace adjustments and accommodations to all applicants. If you foresee any barriers, from the application process through to joining WTW, please email candidatehelpdesk@wtwco.com.
Other People Viewed
Unsolicited Contact
Any unsolicited resumes/candidate profiles submitted through our web site or to personal e-mail accounts of employees of Willis Towers Watson are considered property of Willis Towers Watson and are not subject to payment of agency fees. In order to be an authorized Recruitment Agency/Search Firm for Willis Towers Watson, any such agency must have an existing formal written agreement signed by an authorized Willis Towers Watson recruiter and an active working relationship with the organization. Resumes must be submitted according to our candidate submission process, which includes being actively engaged on the particular search. Likewise, for our authorized Recruitment Agencies/Search Firms, if the candidate submission process is not followed, no agency fees will be paid by Willis Towers Watson. Willis Towers Watson is an equal opportunity employer. If you would like to have your contact information saved for future consideration, please email: Agency.inquiries@willistowerswatson.com.
Our Offices
Our colleagues serve more than 140 countries and markets around the world. This gives a global dimension to everything we do and creates lots of exciting opportunities for you to collaborate and grow. Explore the map below to see where you career could take you.
