
Job Overview
Location: Remote - India
Job Type: Full-time
Category: HR & Recruiting
Date Posted: May 16, 2026
Full Job Description
📋 Description
- Conduct comprehensive vendor Business Impact Analysis (BIA) and Data Protection Impact Assessments (DPIA) for all new and existing third-party vendors to evaluate risk exposure and data privacy implications.
- Perform end-to-end third-party risk assessments for cloud providers, software vendors, and data center partners, ensuring alignment with Vultr’s global TPRM program and regulatory obligations.
- Coordinate the collection, validation, and documentation of security artifacts from vendors including audit reports, privacy policies, incident response plans, disaster recovery/business continuity plans, and compliance certifications.
- Prioritize and escalate high-risk vendor assessments requiring technical review or proof-of-concept to the Security Engineering team for further evaluation.
- Maintain real-time tracking of all vendor risk assessments using GRC platforms including Jira, AuditBoard, Drata, and Security Scorecard, ensuring accurate status updates and timely communication with stakeholders.
- Own and update control evidence for TPRM program requirements to ensure readiness for internal audits, external audits, and regulatory examinations.
- Support the sales team in responding to customer security and privacy questionnaires, serving as the primary point of contact for governance, risk, and compliance-related inquiries.
- Provide guidance and answer internal stakeholder queries on global data privacy regulations including GDPR, DPDPA, CCPA, HIPAA, PCI DSS, and NIST frameworks.
- Document, maintain, and improve TPRM program processes, SOPs, work instructions, and guidance notes in collaboration with Legal, SecOps, GRC, and Trust & Safety teams.
- Continuously monitor and reevaluate vendor risk profiles based on changing business criticality, security posture, and regulatory developments to update mitigation strategies.
- Escalate potential data breaches or compliance gaps for immediate investigation and resolution in coordination with relevant internal teams.
- Assist in the development and expansion of Vultr’s global privacy program to safeguard customer, employee, and company data in accordance with applicable laws including India’s Digital Personal Data Protection Act, 2023.
- Prepare and deliver regulatory compliance reports as required by internal leadership or external auditors.
- Collaborate cross-functionally with Procurement, Engineering, Infrastructure, Legal, and Security teams to align vendor risk management practices with business objectives.
- Ensure all TPRM activities comply with internationally recognized standards including SOC 2, ISO 27001, ISO 27701, NIST 800-53, NIST CSF, and FedRAMP.
- Maintain accurate and accessible documentation of all vendor due diligence activities, risk ratings, and mitigation actions for auditability and transparency.
- Advocate for continuous improvement of TPRM and privacy processes by integrating industry best practices and emerging regulatory requirements.
🎯 Requirements
- Minimum of 3-5 years of work experience in IT/Security Compliance, Audit, or risk management functions
- Proven experience conducting third-party risk assessments and managing vendor due diligence processes
- Familiarity with compliance standards including SOC 2, ISO 27001, ISO 27701, NIST 800-53, NIST CSF, FedRAMP, DPDPA, GDPR, PCI DSS, and HIPAA
- Proficiency in GRC platforms such as Jira, AuditBoard, Drata, and Security Scorecard
- Bachelor’s degree or equivalent experience
- Ability to collaborate across cross-functional teams including Legal, Security, Engineering, and Procurement
🏖️ Benefits
- Medical Insurance stipend paid annually
- Professional Development Reimbursement
- 9 Company-Paid Holidays
- Generous Leave Policy including 1 month paid sabbatical every 5 years and an Anniversary Bonus each year
- First-year remote office setup allowance plus quarterly equipment reimbursement
- Internet reimbursement
- Fitness membership reimbursement
- Company-paid Wellable subscription
About The Constant Company, LLC
The Constant Company, LLC operates the Vultr cloud infrastructure brand, providing on-demand compute, storage, bare-metal, and managed Kubernetes services from 32 global data centers. Founded in 2014, the company targets developers, SaaS businesses, and enterprises with hourly billing, API-driven provisioning, and standardized hardware. Services include virtual machines, block storage, load balancers, object storage, managed databases, and cloud GPUs, all accessible through a unified control panel and REST API. Vultr emphasizes price-performance, global reach, and rapid deployment for web applications, CI/CD workflows, and edge workloads without long-term contracts.