Be an Early Applicant
A legacy of entertainment, now united as one. Welcome to JioStar - where stories and experiences are infinite!
The Role
Conduct risk assessments of vendors, evaluate content security, data privacy, and compliance. Lead vendor interactions and oversee TPRM enhancements.
Summary Generated by Built In
Job Summary: As a media organization, JioStar India engages with a diverse ecosystem of third-party partners that support content creation, post-production, technology operations, and business services. To protect our content, data, and overall enterprise environment, it is essential that all vendors meet defined security, privacy, and operational standards.
The Third-Party Risk Management (TPRM) Program ensures that every partner—content and non-content—is assessed for potential risks related to information security, data privacy, operational resilience, compliance, and content protection. This role plays a critical part in identifying vulnerabilities that may result in content leakage, data breaches, service disruptions, or regulatory non-compliance.
You will apply your expertise in risk assessment, privacy frameworks, and security controls to evaluate partners and support the creation of a secure, compliant, and resilient vendor ecosystem.
Role Summary: As a Third-Party Risk Assessor, you will conduct holistic assessments covering information security, content security, data privacy, and operational risk for all external vendors. You will support vendor onboarding, periodic reviews, remediation management, and continuous monitoring across content and non-content categories.
Key Responsibilities:
- Perform risk assessments for content production/post-production vendors, technology partners, and enterprise/operations vendors.
- Information Security
- Data Privacy (e.g., PII handling, data lifecycle, cross-border transfers, retention policies)
- Content Security (DRM, content handling, studio controls, access restrictions)
- Operational Risk & Business Continuity
- Compliance (ISO, SOC, regulatory requirements)
- Assess third-party privacy practices, including data collection, processing, storage, and sharing mechanisms.
- Validate compliance with internal privacy policies, contractual obligations, and applicable regulations.
- Review Data Processing Agreements (DPAs) to ensure third-party commitments match operational practices.
- Identify risks related to data exposure, misuse, or privacy violations and recommend mitigation steps.
- Conduct onsite and remote assessments to validate technical, physical, and administrative controls.
- Identify control gaps related to content protection, data protection, infrastructure security, and process maturity.
- Work with vendors to develop, monitor, and close remediation plans.
- Lead vendor interactions throughout the assessment lifecycle: documentation requests, clarifications, and recommendations.
- Maintain detailed risk reports, assessment summaries, compliance tracking, and risk scoring.
- Collaborate with internal Legal, IT Security, Finance, Procurement, and Business teams to support onboarding and contract renewals.
- Conduct periodic reassessments for high-risk and critical vendors.
- Monitor new vulnerabilities or changes in vendor environments that may impact risk posture.
- Identify opportunities to streamline assessment workflows, improve control frameworks, and enhance TPRM maturity.
Evaluate vendors across domains including:
Data Privacy Assessment Responsibilities:
Security & Control Validation:
Governance, Reporting & Communication:
Continuous Monitoring & TPRM Enhancement:
Required Skills & Qualifications:
- 4+ years experience in Third-Party Risk Management, Data Privacy Assessment, Information Security, or Audit & Compliance.
- Ability to travel domestically for onsite assessments.
- Basic understanding of media workflows (IPTV / OTT / Broadcast) is beneficial but not mandatory.
Preferred Education and Experience:
- Bachelor’s/Master’s degree or equivalent professional experience.
- Advantageous experience working with large enterprises or consulting firms (e.g., Big 4).
- Preferred certifications: ISO 27001 LA/LI, CISA, CISSP, CIPP, CRISC.
Closing:
About Us
Perched firmly at the nucleus of spellbinding content and innovative technology, JioStar is a leading global media & entertainment company that is reimagining the way audiences consume entertainment and sports. Its television network and streaming service together reach more than 750 million viewers every week, igniting the dreams and aspirations of hundreds of million people across geographies.
JioStar is an equal opportunity employer. The company values diversity and its mission is to create a workplace where everyone can bring their authentic selves to work. The company ensures that the work environment is free from any discrimination against persons with disabilities, gender, gender identity and any other characteristics or status that is legally protected
Top Skills
Cipp
Cisa
Cissp
Crisc
Iso 27001 La
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
A legacy of entertainment, now united as one. Welcome to JioStar - where stories and experiences are infinite!
