Role: Technology Risk Assessor
Location: Plano, Texas (Hybrid)
Long-Term Contract
Description
The Technology Risk Assessor is an entry-level role focused on identifying, assessing, and documenting technology risks across the enterprise. This role supports the Technology Risk and Governance function by evaluating technology controls against industry-standard frameworks such as NIST, COBIT, and ISO, and by working closely with Control Owners to understand control design, effectiveness, and residual risk.
Core Responsibilities:
• Support enterprise Technology Risk Assessments across IT, cybersecurity, and technology domains.
• Assess technology risks using recognized frameworks including NIST, COBIT, and ISO/ISO 27001.
• Identify, document, and evaluate inherent and residual technology risks.
• Understand and document existing technology and security controls and how they mitigate risk.
• Map risks to controls and align them to applicable framework requirements.
• Engage and collaborate with Control Owners to perform control walkthroughs and risk discussions.
• Facilitate structured conversations with stakeholders to validate control design and operating effectiveness.
• Document risk statements, control descriptions, and supporting evidence in risk registers and governance tools.
• Support risk remediation tracking and follow-up with Control Owners.
• Prepare clear risk summaries and materials for risk governance and management review.
Technology Risk & Framework Focus
• Apply NIST, COBIT, and ISO principles to assess technology risks and controls.
• Understand how framework requirements translate into practical technology controls.
• Assist in identifying control gaps and areas of improvement relative to framework expectations.
• Support alignment of technology risk posture with organizational risk tolerance.
Requirements
• Foundational understanding of technology risk, IT controls, and governance concepts.
• Basic knowledge of cybersecurity and technology risk management.
• Familiarity with NIST, COBIT, and/or ISO frameworks (academic or professional).
• Strong written and verbal communication skills.
• Ability to engage professionally with Control Owners and technical stakeholders.
• Strong analytical, organizational, and documentation skills.
• Ability to translate technical discussions into clear risk language.
Education and Experience:
• Entry-level role; 0–3 years of experience in technology, IT risk, cybersecurity, audit, compliance, or governance.
• Bachelor's degree in Information Systems, Cybersecurity, Computer Science, Business, or a related field (or equivalent experience).
Key Success Factors:
• Comfortable navigating conversations with Control Owners and stakeholders.
• Clear and structured articulation of technology risks and controls.
• Strong attention to detail and documentation quality.
• Willingness to learn and grow within a Technology Risk and Governance function.
• Collaborative mindset across technical and non-technical teams.