Role: Architect I - Enterprise Solutions - TPRM solution architect/implementation specialist

Experience: 10+ years

Key Responsibilities

- Architect end-to-end TPRM solutions including vendor onboarding workflows, due-diligence assessments, continuous monitoring, and remediation processes.
- Design and configure risk scoring models, inherent/residual risk calculations, risk heatmaps, and automated risk rating logic using platform rule engines or scripting.
- Implement complex assessment workflows, including dynamic questionnaire logic, conditional sections, branching rules, triggered assessments, and automated follow-ups.
- Build and optimize vendor lifecycle processes such as intake, segmentation, tiering, approval chains, contract alignment, and periodic review cycles.
- Integrate external risk feeds and data providers (e.g., BitSight, SecurityScorecard, RiskRecon, Dun & Bradstreet) using APIs, IntegrationHub, or custom connectors.
- Configure TPRM dashboards, scorecards, risk indicators (KRIs), and performance metrics (KPIs) leveraging platform reporting and real-time analytics.
- Implement continuous monitoring capabilities including automated control checks, exception tracking, generation, and vendor performance monitoring logic.
- Develop automated control testing workflows using scripted automation packs, configurable control proof requests, and evidence collection portals.
- Design integrations between TPRM and related modules including IRM/GRC, Vendor Management, Contract Management, Procurement, and Security Operations.
- Build data models, table extensions and relationship structures for vendors, engagements, risks, controls, and regulatory mappings.
- Implement requirements mapping for standards such as ISO 27001, SOC2, NIST, PCI-DSS, or custom regulatory frameworks.
- Configure automated issue creation, remediation plan workflows, risk exceptions, and risk acceptance processes with full audit trails.
- Analyze data from vendor assessments, identify high-risk patterns, correlate findings, and implement logic for automated escalations and workflows.
- Conduct UAT, performance testing, platform optimization, and coordinate deployment activities following platform governance.
- Produce technical HLD/LLD documents covering data architecture, integrations, workflow orchestration, and risk models.
- Provide platform expertise, technical guidance, and architectural oversight to implementation teams, stakeholders, and risk owners.

Skills and Attributes for Success

- Strong expertise in TPRM, third-party due diligence, vendor risk management, and regulatory frameworks.
- Hands-on experience implementing IRM/GRC platforms such as ServiceNow IRM, Archer GRC, MetricStream, OneTrust, LogicGate, or similar.
- Deep understanding of risk methodologies, including inherent/residual risk, control effectiveness, impact/likelihood quantification, and tiering models.
- Strong experience building risk workflows, process automation, notifications, approvals, and complex assessment logic.
- Proficiency with API integrations, REST/SOAP, OAuth, webhooks, and external data ingestion frameworks.
- Experience configuring or integrating external cyber risk scoring platforms (e.g., BitSight, SecurityScorecard, RiskRecon).
- Technical knowledge of data modeling, table structures, scripted business rules, UI policies, and flow designer/workflow engine.
- Strong analytical ability to interpret vendor response data, map control gaps, and translate findings into automated workflows or risk triggers.
- Familiarity with ISO 27001, NIST CSF, SOC2, GDPR, HIPAA, PCI-DSS, and other compliance frameworks.
- Strong troubleshooting skills for integration failures, API payload issues, workflow errors, and data model inconsistencies.
- Experience building dashboards, reports, KPIs, KRIs, and risk scorecards with drill-down analytics.
- Excellent communication skills for working with risk owners, procurement, security teams, and executive stakeholders.
- Ability to lead workshops, create solution designs, and translate business requirements into technical configurations.
- High attention to detail, strong problem-solving capabilities, and the ability to manage large, complex vendor risk programs.
- Collaborative mindset and ability to guide cross-functional teams in delivering enterprise-grade TPRM implementations.