Tech Stack
Tools & technologies
- Cloud
About the role
Key responsibilities & impact
- Conduct vendor Business Impact Analysis (BIA) and Data Privacy assessments.
- Complete third-party risk assessments for all new vendors.
- Ensure third-party risk assessments include an in-depth Business Impact Analysis (BIA) and Data Protection Impact Assessment (DPIA), supporting BCP/DR and Privacy programs.
- Continually reevaluate vendors based on their criticality level to identify and document any changes that may impact Constant’s risk exposure, data privacy, mitigation strategies, etc.
- Coordinate the collection of required security assessment artifacts (e.g., audit reports, privacy policies, compliance documentation, incident response plan, disaster recovery/business continuity plans, etc.) from (new and existing) vendors periodically.
- Prioritize assessments that require technical reviews/PoC to Security Engineering.
- Prepare and monitor the status of each vendor risk assessment (software, data center, etc.) and communicate the status with key stakeholders regularly.
- Update and document due diligence tracking with real-time status and escalate issues and concerns (e.g., oversight deficiencies, program concerns, and open risk items).
- Own and update control evidence related to TPRM to ensure readiness for internal assessments and external audits.
- Document program processes and procedures to ensure all updates to the TPRM program are captured and accessible to relevant parties.
- Support the sales department in completing customer TPRM questionnaires and being the point of contact for security, governance and IT-related inquiries as needed.
- Answering queries on global data privacy processing and protection requirements from internal stakeholders.
- Escalating any potential data breaches for investigation and resolution.
- Creating and maintaining documentation, privacy notices, privacy statements, SOPs, work instructions and guidance notes in cooperation with Legal, SecOps, GRC, Trust & Safety and other teams.
- Assist in the continued development and maintenance of a comprehensive privacy program which minimizes risk and maintains the confidentiality of personal information of customers, employees and other applicable company data.
- Preparing reports on regulatory compliance as needed.
Requirements
What you’ll need
- Minimum of 3-5 years of work experience in IT/Security Compliance/Audit function (or equivalent).
- Educational Qualification: Bachelor’s degree or equivalent experience.
- Proven experience in compliance, privacy, risk, business continuity, and/or IT security program management.
- Excellent written communications to internal and external audiences, including senior leadership.
- Experience collaborating with cross-functional teams, including legal, procurement, engineering, infrastructure, security, suppliers, etc.
- Ability to succeed in a team environment or work as an individual contributor
- Familiarity with the security and compliance standards/regulations, specifically SOC 2, ISO 27001, ISO 27701, NIST 800-53, NIST CSF, FedRAMP, DPDPA, GDPR, PCI DSS and HIPAA.
- Understanding of concepts related to information security domains such as Cloud Computing, Data Privacy, Physical Security, Identity and Access Management, Encryption, Vulnerability Management, Incident Response, etc.
- Applicants must have work authorization that does not require sponsorship from the company now or in the future.
- Bonus but not required - CIPP, CTPRM or equivalent certification.
- Experience with Supplier Life Cycle Management - Vendor Contracting Process and Third-Party Risk Management Programs for Cloud providers.
- Must be able to collaborate in US time zones
- Must be able to start employment within 45 days of offer of employment
- Self-starter who requires minimal direction from leadership.
- Methodical and diligent with outstanding planning abilities
- Able to meet deadlines and handle multiple priorities.
- Strong ability to negotiate with business partners to attain successful outcomes.
- Strong project management skills with the ability to manage several large projects at the same time, keeping them on scope, on budget, and on time.
- Ability to present and effectively communicate with all levels of the organization.
- Flexible with the ability to multitask, effectively prioritize, and work under pressure
- Advocate of continuous improvement and industry-recognized best practice
Benefits
Comp & perks
- Medical Insurance stipend paid annually
- Professional Development Reimbursement
- 9 Company-Paid Holidays
- Generous Leave Policy + 1 month paid sabbatical every 5 years + Anniversary Bonus each year
- First year remote office setup + reimbursement per quarter each subsequent year for new equipment
- Internet reimbursement
- Fitness membership reimbursement
- Company paid Wellable subscription
ATS Keywords
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
- Business Impact Analysis (BIA)
- Data Protection Impact Assessment (DPIA)
- Third-party risk assessments
- Compliance documentation
- Incident response
- Disaster recovery
- Business continuity planning
- Privacy program management
- Supplier Life Cycle Management
- Project management
Soft Skills
- Excellent written communication
- Collaboration
- Teamwork
- Negotiation
- Planning
- Multitasking
- Flexibility
- Self-starter
- Diligence
- Continuous improvement
Certifications
- CIPP
- CTPRM
- ISO 27001
- ISO 27701
- SOC 2
- NIST 800-53
- NIST CSF
- FedRAMP
- DPDPA
- GDPR
