
Roshan M

Bangalore

Summary

Dynamic risk management professional with extensive experience at KPMG India, specializing in third-party risk assessments and ISO 27001 compliance. Proven track record in team leadership and stakeholder engagement, successfully enhancing risk frameworks and streamlining vendor onboarding processes. Adept at problem-solving and delivering impactful training to elevate organizational capabilities.

Overview

7 years of professional experience
1 Certification

Work History

Assistant Manager

KPMG INDIA
Bangalore
04.2023 - Current
  • Oversaw the end-to-end third-party risk lifecycle, including onboarding, periodic reviews, offboarding, and risk assessments.
  • Defined and continuously improved the third-party risk management framework, aligned with regulatory expectations and industry standards (e.g., NIST, ISO 27001).
  • Managed a team of analysts and associates, providing coaching, task oversight, and quality assurance for risk assessments and vendor engagements.
  • Built training materials and conducted knowledge-sharing sessions to uplift TPRM capability across the team and the organization.
  • Prepared and presented risk dashboards, third-party metrics, and escalated items to senior management and risk councils.
  • Tracked risk remediation plans and followed up with vendors and business units to ensure timely closure.
  • Actively contributed to the successful migration from an in-house third-party risk assessment tool to the KY3P platform, streamlining vendor onboarding and risk assessment workflows.
  • Assisted in mapping vendor data, risk scores, and assessment templates for accurate migration to KY3P.
  • Conducted user acceptance testing, and supported defect logging and resolution during the platform rollout phase.
  • Supported the training and onboarding of users on the KY3P tool, and acted as a point of contact during post-launch stabilization.

Senior Analyst

TekSystems
Bangalore
12.2021 - 03.2023
  • Conducted thorough risk assessments for third-party vendors in the cybersecurity sector.
  • Evaluated vendor documentation, including SOC 2, SIG questionnaires, and ISO certifications.
  • Identified control gaps and assessed residual risks, collaborating with business and security teams to define mitigation strategies.
  • Oversaw complete vendor lifecycle: onboarding, periodic reviews, reassessments, offboarding, and risk reevaluation.

Advisor II

Concentrix
Bangalore
10.2019 - 11.2021
  • Conducted comprehensive end-to-end third-party risk assessments, including risk classification and evaluation of controls.
  • Evaluated vendor responses to security questionnaires and essential documents, such as SOC 2 and ISO 27001.
  • Analyzed control gaps and residual risks, proposing mitigation strategies in collaboration with stakeholders.
  • Presented findings and escalated high-risk vendors during governance forums and risk committee meetings.

Advisor I

[24]7.ai
Bangalore
10.2018 - 10.2019
  • Conducted security and risk assessments for third-party vendors to identify vulnerabilities.
  • Collected and analyzed vendor risk questionnaire responses for comprehensive evaluations.
  • Coordinated with internal stakeholders to assess vendor services and criticality.
  • Documented risk findings and supported remediation efforts to mitigate identified risks.
  • Maintained risk register to monitor and track vendor-related risks.
  • Ensured alignment of vendor assessments with company policies and ISO 27001 standards.

Education

Bachelor of Engineering - Computer Science Engineering

Sri Taralabalu Jagadguru Institute of Technology
Ranebennur, Karnataka
06-2016

Skills

  • Risk assessment and mitigation
  • Vendor and project management
  • Team leadership and development
  • Stakeholder engagement and communication
  • Problem solving and user acceptance testing

Function and Specialization

Roshan M is an assistant manager in KPMG's third-party risk management practice operating in Bangalore, India.

Certification

  • Certified Lead Auditor in ISO 27001:2022

Accomplishments

Received the Super Team Award in March 2025

Received the Above and Beyond Award in March 2025

Affiliations

  • Gaming
  • Travelling
  • Sci-Fi Movies
