Bestkaam Logo
Back to Jobs
Pinnacle Group, Inc.

Risk Manager

Actively Reviewing

Pinnacle Group, Inc.

India Full-Time 4–8 yrs exp Posted 2 hours ago  · Apply by Sep 14, 2026

About Pinnacle Group

Pinnacle Group is a leading workforce solutions provider with deep experience supporting enterprise clients across corporate, professional services, technology, and operational functions. We partner with organizations to deliver high-quality talent solutions that help teams strengthen governance, improve business processes, and manage risk effectively. Our approach emphasizes professionalism, accountability, and long-term partnership.


Summary

Pinnacle Group is seeking a Third-Party Risk Analyst (Technology/AI Risk) to implement, manage and oversee our third-party risk management program, with particular focus on identifying and mitigating information technology and Artificial Intelligence (AI) related risks. This role will partner with Information Security, Legal, Compliance, and Business stakeholders to identify, assess, and mitigate risks associated with all third-party relationships. The ideal candidate has 3–5 years of experience in third-party risk management, technology risk, compliance, information security, audit, or a related discipline and is comfortable evaluating vendor controls, cybersecurity practices, and emerging AI-related risks, but also capable and willing to manage the entirety of the third-party risk management program.


Job Description

  • Sole and complete ownership of the third-party risk management program, which requires completion of risk-based assessments of third-party vendors throughout the vendor lifecycle, including new vendor onboarding and periodic reviews.
  • Interface with third-party auditors, vendors, and internal stakeholders to gather information and respond to assessment requests.
  • Review and interpret SOC 1 and 2 reports, ISO 27001 certifications,, penetration testing reports, business continuity and disaster recovery plans, privacy and data protection and related compliance documentation to assess alignment with organizational risk requirements.
  • In collaboration with the IT department, assist in responding to information technology related third-party questionnaires, ensuring responses are accurate, complete, and professionally documented.
  • Maintain organized assessment records, supporting materials, and risk documentation in accordance with internal policies and procedures.
  • Prepare risk summaries, dashboards, and report for management and governance committees.
  • Collaborate with cross-functional teams to improve risk assessment processes, strengthen vendor oversight, and support audit readiness.
  • Demonstrate the ability to take on increasing responsibility and grow into a future leadership role within the risk function.
  • Ensure maintenance of Pinnacle Group’s ISO 27001 certification and SOC 2 compliance, with support from IT department.
  • Collaborate with key stakeholders to create, maintain and implement AI related standards and procedures
  • Enhance and maintain Pinnacle Group’s business continuity plan in collaboration with appropriate stakeholders


Requirements

  • Bachelor’s degree in Business Information Systems, Cybersecurity, Risk Management or related field.
  • Experience performing third-party risk assessments including expertise in completing technology vendor assessments, including Saas platforms, cloud providers, managed service providers, and software vendors, and AI enabled products
  • Strong knowledge of industry technology security frameworks such as NIST, ISO 27001, CIS Controls, and SOC standards
  • Experience interfacing with third-party auditors and responding to third-party risk or security questionnaires.
  • Ability to assess technology vendors, identify risk concerns, document findings, and communicate recommendations clearly.
  • Strong written and verbal communication skills, with the ability to work effectively with auditors, vendors, and internal stakeholders.
  • Demonstrated potential to grow into a leadership role, including ownership mindset, sound judgment, and the ability to influence process improvements.
  • Experience using Drata or similar governance and risk management platforms.
  • Working knowledge of AI related risks.