Governance Risk and Compliance Risk Register Analyst
Posted Today by Mahantech Corporation
Negotiable
Undetermined
Remote
Remote or Austin, Texas
Summary: The Governance Risk and Compliance Risk Register Analyst is responsible for defining and implementing end-to-end governance workflows related to risk management. This role involves engaging stakeholders, facilitating workshops, and producing comprehensive documentation to support the enterprise risk register. The analyst will also establish roles and responsibilities, design reporting processes, and ensure knowledge transfer for sustainability. The position requires extensive experience in risk management frameworks and governance processes.
Key Responsibilities:
- Define end-to-end governance workflows for risk identification, review, acceptance, mitigation, and ongoing monitoring.
- Establish roles and responsibilities for risk owners, reviewers, and governance bodies.
- Design escalation and reporting processes for high-risk and accepted risks.
- Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows.
- Facilitate working sessions or workshops to socialize the risk register and governance processes.
- Support onboarding of initial risks into the enterprise risk register.
- Produce clear, audit-ready documentation covering risk register structure, scoring methodology, and governance workflows.
- Provide knowledge transfer to designated security staff to ensure sustainability beyond the contract term.
- Deliver an Enterprise Risk Register Framework, Risk Scoring and Prioritization Model, Risk Governance Model, Initial Population of Risk Register, and Final Documentation Package.
Key Skills:
- 8 years of experience with Risk Register Design and Framework.
- 8 years of experience with Risk Scoring and Prioritization Model.
- 8 years of experience with Governance Processes and Workflows.
- 8 years of experience with Stakeholder and Enablement.
- 8 years of demonstrated skill with documentation and knowledge transfer.
Salary (Rate): undetermined
City: undetermined
Country: undetermined
Working Arrangements: remote
IR35 Status: undetermined
Seniority Level: undetermined
Industry: Other
Define end to end governance workflows for:
o Risk identification and intake
o Risk review and validation
o Risk acceptance, mitigation, or transfer
o Ongoing monitoring and periodic reassessment
Establish roles and responsibilities for risk owners, reviewers, and governance bodies.
Design escalation and reporting processes for high risk and accepted risks.
Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows.
Facilitate working sessions or workshops to socialize the risk register and governance processes.
Support onboarding of initial risks into the enterprise risk register.
Produce clear, audit ready documentation covering:
o Risk register structure and data definitions
o Risk scoring methodology
o Governance workflows and decision authorities
Provide knowledge transfer to designated security staff to ensure sustainability beyond the contract term.
The contractor shall provide the following deliverables during the engagement:
1. Enterprise Risk Register Framework
o Standardized risk register template and taxonomy
2. Risk Scoring and Prioritization Model
o Documented likelihood and impact scales
o Scoring methodology and prioritization logic
3. Risk Governance Model
o Defined workflows for risk intake, review, acceptance, and monitoring
o Roles and responsibilities matrix
4. Initial Population of Risk Register
o Initial set of documented risks reflecting current cybersecurity and technology risk posture
5. Final Documentation Package
o Consolidated guidance and operating procedures for ongoing risk management
II. CANDIDATE SKILLS AND QUALIFICATIONS
| Minimum Requirements: Candidates that do not meet or exceed the minimum stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity. | ||
| Years | Required/Preferred | Experience |
| 8 | Required | Experience with Risk Register Design and Framework |
| 8 | Required | Experience with Risk Scoring and Prioritization Model |
| 8 | Required | Experience with Governance Processes and Workflows |
| 8 | Required | Experience with Stakeholder and Enablement |
| 8 | Required | Demonstrated skill with documentation and knowledge transfer |