Risk Specialist; IT Risk Assessment
Listed on 2026-06-18
IT/Tech
Cybersecurity, IT Business Analyst, Information Security, Data Security
Summary
Pinnacle Group is seeking a Risk Specialist to support third-party IT risk management and technology vendor assessment activities. This role will focus on evaluating technology vendors from an IT risk perspective, supporting audit readiness, and ensuring alignment with established security, compliance, and governance standards. The ideal candidate brings strong knowledge of ISO and SOC frameworks, experience working with third-party auditors, and the ability to grow into a future leadership role.
Job Description
- Perform third-party risk assessments and vendor assessments focused on technology, security, and IT control environments.
- Evaluate vendor risk posture by reviewing documentation, controls, processes, and responses to security and compliance questionnaires.
- Support the organization’s third-party risk management program by identifying gaps, documenting findings, and recommending remediation actions.
- Interface with third-party auditors, vendors, and internal stakeholders to gather information and respond to assessment requests.
- Review and interpret ISO, SOC, and related compliance documentation to assess alignment with organizational risk requirements.
- Assist in responding to third-party questionnaires on behalf of the client, ensuring responses are accurate, complete, and professionally documented.
- Maintain organized assessment records, supporting materials, and risk documentation in accordance with internal policies and procedures.
- Collaborate with cross-functional teams to improve risk assessment processes, strengthen vendor oversight, and support audit readiness.
- Demonstrate the ability to take on increasing responsibility and grow into a future leadership role within the risk function.
- Experience performing IT assessments from a risk perspective, specifically related to third-party risk management and technology vendor assessments.
- Strong knowledge of ISO and SOC frameworks, reports, controls, and related compliance expectations.
- Experience interfacing with third-party auditors and responding to third-party risk or security questionnaires.
- Ability to assess technology vendors, identify risk concerns, document findings, and communicate recommendations clearly.
- Strong written and verbal communication skills, with the ability to work effectively with auditors, vendors, and internal stakeholders.
- Demonstrated potential to grow into a leadership role, including ownership mindset, sound judgment, and the ability to influence process improvements.
- Preferred experience with SaaS environments and AI-driven assessment processes.
- Preferred experience using Drata or similar compliance and risk management platforms.
This is an opportunity to contribute to a growing risk and compliance function while supporting meaningful third-party technology risk initiatives. You will work in a collaborative environment where your expertise in IT assessments, vendor risk, and compliance frameworks will directly support business resilience and audit readiness. Pinnacle Group values professionals who are proactive, detail-oriented, and eager to grow into broader leadership responsibilities.
Compensation and Benefits Disclosure
Pinnacle Group is committed to providing fair and competitive compensation based on experience, skills, qualifications, and business needs. Compensation details may vary depending on the role, location, and employment arrangement. Eligible employees may have access to benefits including medical, dental, vision, life insurance, disability coverage, 401(k), paid time off, and other applicable benefits, subject to plan terms and eligibility requirements.