We’re uniquely invested. Are you?

Join teams of extraordinary professionals and make an impactful difference at our portfolio companies

Business Process Lead



Bengaluru, Karnataka, India
Posted on Thursday, March 21, 2024

We are a technology-led healthcare solutions provider. We are driven by our purpose to enable healthcare organizations to be future-ready. We offer accelerated, global growth opportunities for talent that’s bold, industrious, and nimble. With Indegene, you gain a unique career experience that celebrates entrepreneurship and is guided by passion, innovation, collaboration, and empathy. To explore exciting opportunities at the convergence of healthcare and technology, check out www.careers.indegene.com

What if we told you that you can move to an exciting role in an entrepreneurial organization without the usual risks associated with it?

We understand that you are looking for growth in your career at this point and we would love for you to join us in our journey and grow with us. At Indegene, our roles come with the excitement you require at this stage of your career with the reliability you seek. We believe in creating leaders of tomorrow and mentor our leads to help them grow and nurture them as people managers and account managers.

We are a rapidly growing global organization and are scouting for the best talent for this phase of growth. With us, you are at the intersection of two of the most exciting industries of healthcare and technology. We offer global opportunities with fast-track careers while you work with a team that is fueled by purpose. The combination of these will lead to a truly differentiated experience for you.

If this excites you, then apply below.

Role: Business Process Lead

You will be responsible for:

  • Audit third party risks covering the aspects of ISO 27001/27701/9001, CMMI and internal process audits.
  • Assess if third parties are qualified to provide service and have necessary policies, procedures, security measures and controls.
  • Prepare the audit report in accordance with the audit findings.
  • Prepare due diligence questionnaire and respond to RFP, RFI, SIG, GRC questionnaires on time as part of customer on boarding.
  • Identify the critical risks and ensure they are mitigated and closed in order to reduce business risks.
  • Classify vendors based on their risk levels to determine the appropriate level of oversight and control measures required.
  • Conduct initial assessments of potential prospective vendors to evaluate their suitability and risk profile.
  • Perform due diligence activities to assess vendors' reputation, regulatory compliance, and security controls.
  • Conduct risk assessments of third-party vendors to identify and assess potential risks and vulnerabilities.
  • Implement processes to monitor vendors' performance, compliance, and adherence to security and regulatory requirements.
  • Review and analyze vendor-provided reports, security assessments, and control audit results.
  • Ensure all the risks are covered during the audit, assess how well risk management processes are working and record the results
  • Provide management with periodic reports and updates on the status of vendor risks and compliance.
  • Establish process for reporting and addressing security incidents or breaches involving third-party vendors
  • Ensure vendors' compliance with applicable regulations, such as data protection, and privacy requirements.
  • Collaborate with relevant internal stakeholders like business units, enabling functions, procurement team to ensure effective communication and alignment of risk management objectives.
  • Contribute to definition and continuous improvement to ensure all the processes are inline to the activities and are accurate.

About you:

Any Bachelor's degree, preferably in Business Management, Computer Science, Economics, Commerce, or Information Technology.

Certifications such as Certified Information Systems Auditor (CISA), ISO/IEC 27001 Lead Auditor/Lead Implementor, Certified Third-Party Risk Professional (CTPRP), Certified Regulatory Vendor Program Manager (CRVPM), or relevant certifications in audit, risk, privacy, information security, business continuity management, etc.

Proficient in third-party risk management, third party risk assessment/audit, audit reporting, internal controls, business processes, internal IT control testing, and operational auditing.

Demonstrate knowledge of key risk areas such as information security risk, cyber risk, compliance risk and regulatory risk.

Must have: Experience in the following:

Audit and Assessment Techniques: Familiarity with auditing methodologies, assessment frameworks, and techniques for evaluating third-party controls.

Risk Assessment and Analysis: Ability to assess risks associated with third-party relationships, evaluate their potential impact, and analyze risk exposure.

Regulatory Compliance: Understanding of relevant industry regulations, compliance standards, and legal requirements pertaining to third-party relationships.

Vendor Management: Proficiency in vendor selection, due diligence, and ongoing monitoring processes to ensure vendors adhere to established standards.

Contract Analysis: Skill in reviewing and interpreting vendor contracts to identify potential risks and ensure alignment with organizational objectives.

Data Privacy and Security: Knowledge of data protection principles, cybersecurity practices, and the ability to evaluate third-party data handling and security protocols.

Adaptability: Flexibility to adapt to evolving regulations, technologies, and business processes within the TPRM landscape.

Project Management: Proficiency in managing TPRM audits, including planning, execution, and reporting.

Collaboration: Capacity to work collaboratively with cross-functional teams to achieve common TPRM objectives.

Industry Knowledge: Familiarity with the industry sector in which the organization operates, as different industries may have unique third-party risk considerations.

Communication Skills: Effective communication skills to interact with internal teams, vendors, and stakeholders, as well as to convey findings and recommendations clearly.

Analytical Thinking: Strong analytical skills to identify trends, patterns, and anomalies within third-party relationships and associated risks.

Problem-Solving: Ability to address complex issues and devise solutions to mitigate risks in third-party partnerships.

Ethical and Professional Behavior: Adherence to ethical standards and maintaining a high level of professionalism while dealing with sensitive information.

Nice to have: Certified ISO/IEC 27701 Lead Auditor/Lead Implementor, Certified Privacy and EU GDPR Practitioner (CPEGP)


Indegene is proud to be an Equal Employment Employer and is committed to the culture of Inclusion and Diversity. We do not discriminate on the basis of race, religion, sex, colour, age, national origin, pregnancy, sexual orientation, physical ability, or any other characteristics. All employment decisions, from hiring to separation, will be based on business requirements, the candidate’s merit and qualification.

We are an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, sex, national origin, gender identity, sexual orientation, disability status, protected veteran status, or any other characteristics.