By clicking the “Apply” button, I understand that my employment application process with Takeda will commence and that the information I provide in my application will be processed in line with Takeda’s Privacy Notice and Terms of Use . I further attest that all information I submit in my employment application is true to the best of my knowledge. **Job Description** **_OBJECTIVES/PURPOSE_** + Execute the full lifecycle of information security and data privacy third-party risk assessments as needed, either individually or through available resources, within the region + Assist and execute control assessment activities to identify control effectiveness, maturity and areas for improvements within region + Collaborate with internal third-party relationship owners and third-party representatives to recommend necessary security and privacy controls to effectively mitigate risks to Takeda + Assist in promoting third-party risk management processes across business lines to help influence a strong culture of proactive awareness for third-party security risks + Improve and help foster a positive end user experience with business stakeholders by enhancing our program to accommodate an agile business environment **_ACCOUNTABILITIES_** + Execute the full lifecycle of information security and data privacy third-party risk assessments as needed, either individually or through available resources + Collaborate with internal third-party relationship owners or third-party representatives in their efforts to provide responses to the security and privacy risk assessment questionnaire + Assist and execute regional control assessment activities to identify control effectiveness, maturity and areas for improvements + Effectively translate third-party responses to assessment questionnaire, using sound judgement, into concise risk exposure reporting for delivery to internal stakeholders + Partner with internal third-party relationship owners and third-party representatives to recommend necessary security and privacy controls to effectively mitigate risks to Takeda + Ensure robust tracking and remediation of third-party security and privacy risk exposures identified through assessment processes + Provide any necessary training and awareness related to the third-party security process + Contribute to the gathering and distribution of periodic program metrics and/or dashboards + Mentor and train new risk analysts **Technical/Functional Expertise** + Experience in evaluating third parties for the presence of fundamental information security and data privacy controls + Experience conducting risk assessments and applying concepts of inherent and residual risk to draw appropriate conclusions and articulate the same to non-technical audiences + Ability to effectively negotiate appropriate remediation of security gaps with third party representatives to ensure protection of Takeda information **Leadership** + Ability to effectively manage conflicting priorities + Develops strong relationships with other teams across the organization **Decision-making and Autonomy** + Assists the Regional Information Risk Assurance Lead with global risk and control assurance activities and regional execution + Responds to risk stakeholders in a timely manner, engages colleagues when needed, and escalates when necessary **Interaction** + Strong project management skills to effectively balance unexpected and conflicting priorities as they arise + Experience operating effectively across matrixed organizations + Intercultural sensitivity **Innovation** + Innovates to find new solutions to problems + Ability to apply innovative approaches within the program to identify win-win solutions **Complexity** + Regional role, but with coordination to the global program + Operate across geographies within a region and across business lines + Collaborate effectively with relevant third parties **Essential** + Bachelor’s degree or equivalent + 1-3 years of experience in information security and/or third-party risk management + Ability to manage multiple workstreams simultaneously + Ability to think critically and analytically + Capable of effectively managing shifting priorities + Strong communication, interpersonal, presentation, and organizational skills + Comfortable operating in and navigating a global organization where risk stakeholders can be located across geographies and time zones **Desired** + Security certification(s) (CISSP) + ServiceNow GRC experience **Locations** IND - Bengaluru **Worker Type** Employee **Worker Sub-Type** Regular **Time Type** Full time