Pinnacle Group, Inc. Logo

Pinnacle Group, Inc.

GRC Manager - Technology Risk & Governance

Posted 18 Days Ago
Be an Early Applicant
Remote
Hiring Remotely in India
Senior level
Remote
Hiring Remotely in India
Senior level
Own and manage third-party risk and vendor lifecycle assessments. Partner with InfoSec, Legal, Compliance, IT and business teams to assess and mitigate technology, cybersecurity, privacy and AI risks. Review SOC/ISO reports, penetration tests, BC/DR and privacy evidence. Support audit readiness, maintain ISO 27001 and SOC 2 compliance, produce risk dashboards, and develop AI-related governance and business continuity plans.
The summary above was generated by AI

Pinnacle Group exists to connect people with opportunity. For the last 25 years, we've done exactly that by living our core values of putting people first, delivering excellence in all we do, and giving back to the communities in which we live and work. We are a leading workforce solutions company supporting the talent needs of global leaders in financial services, technology, communications, utilities, and transportation and we are one of the largest women and minority-owned companies in our industry. Our team of service-driven, energetic, and diverse professionals is well-respected in our industry and our leadership team is aligned and focused on taking the company to the next level. If you're looking for a new opportunity where you can truly make a difference, we hope you'll apply for a position with us.

Job Summary

  • Own and manage the third-party risk management program, including risk-based vendor assessments, onboarding reviews, and periodic evaluations throughout the vendor lifecycle.
  • Partner with Information Security, Legal, Compliance, IT, and business stakeholders to identify, assess, document, and mitigate technology, cybersecurity, privacy, AI, and vendor-related risks.
  • Review SOC 1 and SOC 2 reports, ISO 27001 certifications, penetration testing reports, business continuity plans, disaster recovery documentation, privacy materials, and related compliance evidence.
  • Interface with third-party auditors, vendors, and internal stakeholders to gather documentation, respond to assessment requests, and support audit readiness.
  • Support responses to technology-related third-party questionnaires, ensuring information is accurate, complete, consistent, and professionally documented.
  • Maintain organized assessment records, risk documentation, compliance evidence, and supporting materials in accordance with internal policies and procedures.
  • Prepare risk summaries, dashboards, reports, and governance materials for leadership and committee review.
  • Maintain and support Pinnacle Group’s ISO 27001 certification and SOC 2 compliance in partnership with IT and other key stakeholders.
  • Collaborate with cross-functional teams to create, maintain, and implement AI-related standards, procedures, and risk governance practices.
  • Enhance and maintain Pinnacle Group’s business continuity plan in collaboration with appropriate business and technology stakeholders.

Qualifications

  • Bachelor’s degree in Business Information Systems, Cybersecurity, Risk Management, Compliance, or a related field.
  • Experience in technology risk, governance, compliance, information security, audit, third-party risk management, or a related discipline.
  • Strong experience performing vendor risk assessments for SaaS platforms, cloud providers, managed service providers, software vendors, and AI-enabled products.
  • Working knowledge of security and compliance frameworks such as ISO 27001, SOC standards, NIST, CIS Controls, and related governance practices.
  • Experience interfacing with third-party auditors and responding to security, risk, compliance, or vendor assessment questionnaires.
  • Ability to assess technology vendors, identify risk concerns, document findings, and communicate recommendations clearly to technical and non-technical stakeholders.
  • Strong written and verbal communication skills with the ability to collaborate effectively across auditors, vendors, IT, Legal, Compliance, and business teams.
  • Experience using Drata or similar governance, risk, and compliance platforms preferred.
  • Working knowledge of AI-related risks, controls, governance standards, and emerging compliance considerations preferred.

Similar Jobs

9 Hours Ago
Remote
India
Expert/Leader
Expert/Leader
Cloud • Information Technology • Productivity • Software • Automation
As a Technical Architect, lead the development of enterprise solution architectures, design integration solutions, and ensure best practices for Boomi products.
Top Skills: Ai AutomationArchimateAWSAzureBoomi AtomsphereCobitDockerGCPGroovyJavaJavaScriptJSONKubernetesLlmsNoSQLRagRestSafeSoapSQLTogafXMLZachman
9 Hours Ago
Remote
India
Expert/Leader
Expert/Leader
Cloud • Information Technology • Productivity • Software • Automation
The Technical Architect leads the development of enterprise solution architecture, evaluating integration requirements, providing infrastructure recommendations, and promoting best practices for Boomi products.
Top Skills: ArchimateAtomsphere Integration PlatformAWSAzureCobitDockerGCPGroovyJavaJavaScriptJmsKubernetesMdh Master Data ManagementNoSQLSafeSQLTogafZachman
9 Hours Ago
Remote
India
Mid level
Mid level
Cloud • Information Technology • Productivity • Software • Automation
The Reporting and Analytics Advisor is responsible for managing reporting, dashboards, and data visualization for internal clients, utilizing Power BI and SQL to create impactful analytics and streamline data processes.
Top Skills: DaxPower BISnowflake Data CloudSQL

What you need to know about the Chennai Tech Scene

To locals, it's no secret that South India is leading the charge in big data infrastructure. While the environmental impact of data centers has long been a concern, emerging hubs like Chennai are favored by companies seeking ready access to renewable energy resources, which provide more sustainable and cost-effective solutions. As a result, Chennai, along with neighboring Bengaluru and Hyderabad, is poised for significant growth, with a projected 65 percent increase in data center capacity over the next decade.

Sign up now Access later

Create Free Account

Please log in or sign up to report this job.

Create Free Account