Governance/Compliance Risk Register Analyst
Posted Today by Innosoul inc
Negotiable
Undetermined
Remote
Remote
Summary: The Governance/Compliance Risk Register Analyst role involves designing and implementing governance workflows for risk management, including risk identification, validation, and monitoring. The position requires collaboration with stakeholders to establish risk frameworks and documentation processes. The contractor will deliver a comprehensive risk register framework and governance model within a 3-month engagement. This role is remote and focuses on ensuring sustainable risk management practices.
Key Responsibilities:
- Define end-to-end governance workflows for risk management.
- Establish roles and responsibilities for risk owners and governance bodies.
- Design escalation and reporting processes for high-risk scenarios.
- Engage stakeholders to validate risk requirements and workflows.
- Facilitate workshops to socialize the risk register and governance processes.
- Support onboarding of initial risks into the enterprise risk register.
- Produce clear, audit-ready documentation for risk management processes.
- Provide knowledge transfer to security staff for sustainability.
- Deliver an enterprise risk register framework and governance model.
- Document initial risks reflecting the current cybersecurity posture.
Key Skills:
- Experience with Risk Register Design and Framework.
- Experience with Risk Scoring and Prioritization Model.
- Experience with Governance Processes and Workflows.
- Experience with Stakeholder Engagement and Enablement.
- Demonstrated skill in documentation and knowledge transfer.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: Other
Job ID: TX-70126089
Remote Governance/Compliance Risk Register/GRC Analyst (15+) with Risk Register Design/Framework, Risk Scoring/Prioritization Model experience
Location: Austin, TX (TEA)
Duration: 3 Months
Skills:
8 Required Experience with Risk Register Design and Framework
8 Required Experience with Risk Scoring and Prioritization Model
8 Required Experience with Governance Processes and Workflows
8 Required Experience with Stakeholder and Enablement
8 Required Demonstrated skill with documentation and knowledge transfer
Description:
Define end to end governance workflows for:
o Risk identification and intake
o Risk review and validation
o Risk acceptance, mitigation, or transfer
o Ongoing monitoring and periodic reassessment
Establish roles and responsibilities for risk owners, reviewers, and governance bodies.
Design escalation and reporting processes for high risk and accepted risks.
Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows.
Facilitate working sessions or workshops to socialize the risk register and governance processes.
Support onboarding of initial risks into the enterprise risk register.
Produce clear, audit ready documentation covering:
o Risk register structure and data definitions
o Risk scoring methodology
o Governance workflows and decision authorities
Provide knowledge transfer to designated security staff to ensure sustainability beyond the contract term.
The contractor shall provide the following deliverables during the engagement:
1. Enterprise Risk Register Framework
o Standardized risk register template and taxonomy
2. Risk Scoring and Prioritization Model
o Documented likelihood and impact scales
o Scoring methodology and prioritization logic
3. Risk Governance Model
o Defined workflows for risk intake, review, acceptance, and monitoring
o Roles and responsibilities matrix
4. Initial Population of Risk Register
o Initial set of documented risks reflecting current cybersecurity and technology risk posture
5. Final Documentation Package
o Consolidated guidance and operating procedures for ongoing risk management