GRC Manager – Technology Risk & Governance

Job not on LinkedIn

🔥 0 minutes ago

Apply Now

Find Similar Remote Jobs

Receive Emails For Remote Jobs

📊 Check your resume score for this job

Improve your chances of getting an interview by checking your resume score before you apply.

Upload Resume

Pinnacle Group, Inc.

WebsiteLinkedInAll Job Openings

5001 - 10000 employees

🏢 Enterprise

👥 HR Tech

🤝 B2B

Enterprise • HR Tech • B2B

Pinnacle Group, Inc. is a leading provider of contingent workforce solutions, specializing in Managed Services (MSP), Vendor Management Software (VMS) implementation, and payrolling services. As a diversity-driven, VMS-agnostic service provider, Pinnacle Group delivers scalable workforce solutions globally, ensuring cost savings, attrition reduction, and compliance for its clients. With a strong focus on strategic services, Pinnacle has partnered with Fortune 500 companies to optimize their workforce management, achieving 100% supplier payment accuracy. The company is Latina-owned and is recognized for its commitment to supplier diversity and innovative workforce strategies.

📋 Description

• Own and manage the third-party risk management program, including risk-based vendor assessments, onboarding reviews, and periodic evaluations throughout the vendor lifecycle. • Partner with Information Security, Legal, Compliance, IT, and business stakeholders to identify, assess, document, and mitigate technology, cybersecurity, privacy, AI, and vendor-related risks. • Review SOC 1 and SOC 2 reports, ISO 27001 certifications, penetration testing reports, business continuity plans, disaster recovery documentation, privacy materials, and related compliance evidence. • Interface with third-party auditors, vendors, and internal stakeholders to gather documentation, respond to assessment requests, and support audit readiness. • Support responses to technology-related third-party questionnaires, ensuring information is accurate, complete, consistent, and professionally documented. • Maintain organized assessment records, risk documentation, compliance evidence, and supporting materials in accordance with internal policies and procedures. • Prepare risk summaries, dashboards, reports, and governance materials for leadership and committee review. • Maintain and support Pinnacle Group’s ISO 27001 certification and SOC 2 compliance in partnership with IT and other key stakeholders. • Collaborate with cross-functional teams to create, maintain, and implement AI-related standards, procedures, and risk governance practices. • Enhance and maintain Pinnacle Group’s business continuity plan in collaboration with appropriate business and technology stakeholders.

🎯 Requirements

• Bachelor’s degree in Business Information Systems, Cybersecurity, Risk Management, Compliance, or a related field. • Experience in technology risk, governance, compliance, information security, audit, third-party risk management, or a related discipline. • Strong experience performing vendor risk assessments for SaaS platforms, cloud providers, managed service providers, software vendors, and AI-enabled products. • Working knowledge of security and compliance frameworks such as ISO 27001, SOC standards, NIST, CIS Controls, and related governance practices. • Experience interfacing with third-party auditors and responding to security, risk, compliance, or vendor assessment questionnaires. • Ability to assess technology vendors, identify risk concerns, document findings, and communicate recommendations clearly to technical and non-technical stakeholders. • Strong written and verbal communication skills with the ability to collaborate effectively across auditors, vendors, IT, Legal, Compliance, and business teams. • Experience using Drata or similar governance, risk, and compliance platforms preferred. • Working knowledge of AI-related risks, controls, governance standards, and emerging compliance considerations preferred.

🏖️ Benefits

• Health insurance • Retirement plans • Paid time off • Flexible work arrangements • Professional development