C2C Role Governance Risk and Compliance (GRC) Risk Register Analyst || Remote

Working Title: Governance Risk and Compliance (GRC) Risk Register Analyst
Title/Level: Information Security Manager 3
Location: Remote

I. KEY RESPONSIBILITIES
Risk Governance & Framework Development
  • Design and implement end-to-end risk governance workflows, including:
    • Risk identification and intake
    • Risk review and validation
    • Risk acceptance, mitigation, or transfer
    • Continuous monitoring and reassessment
  • Define roles and responsibilities for risk owners, reviewers, and governance bodies
  • Establish escalation procedures and reporting mechanisms for high-risk scenarios
Risk Register & Scoring Model
  • Develop and standardize the enterprise risk register structure and taxonomy
  • Create and document risk scoring methodologies, including likelihood and impact scales
  • Define prioritization logic for effective risk management decision-making
Stakeholder Engagement & Enablement
  • Collaborate with cross-functional stakeholders across business, IT, security, and governance teams
  • Facilitate workshops and working sessions to validate workflows and requirements
  • Drive adoption and onboarding of risks into the enterprise risk register
Documentation & Knowledge Transfer
  • Produce comprehensive, audit-ready documentation including:
    • Risk register framework and data definitions
    • Risk scoring and prioritization models
    • Governance workflows and decision authorities
  • Provide knowledge transfer and training to internal security staff
III. DELIVERABLES
The contractor will be responsible for delivering:
  1. Enterprise Risk Register Framework
    • Standardized templates and taxonomy
  2. Risk Scoring & Prioritization Model
    • Defined scoring criteria and prioritization methodology
  3. Risk Governance Model
    • Documented workflows and roles/responsibilities
  4. Initial Risk Register Population
    • Baseline risks reflecting current cybersecurity posture
  5. Final Documentation Package
    • Complete operational guidance and procedures
IV. REQUIRED SKILLS & QUALIFICATIONS
Minimum Requirements (Mandatory)
  • 8+ years of experience in:
    • Risk Register Design and Framework development
    • Risk Scoring and Prioritization methodologies
    • Governance processes and workflow implementation
    • Stakeholder engagement and enablement
    • Documentation, reporting, and knowledge transfer
  • Strong understanding of GRC frameworks and cybersecurity risk management practices
  • Proven ability to create audit-ready documentation
  • Excellent communication and facilitation skills
VIII. IDEAL CANDIDATE PROFILE
  • Strong background in enterprise risk management (ERM) and GRC tools/processes
  • Experience working with government or public sector organizations preferred
  • Ability to translate complex risk concepts into actionable frameworks
  • Skilled in leading cross-functional collaboration and governance initiatives
Thanks & Regards
Mohammad Faisal

About Author

I’m Monica Kerry, a passionate SEO and Digital Marketing Specialist with over 9 years of experience helping businesses grow their online presence. From SEO strategy, keyword research, content optimization, and link building to social media marketing and PPC campaigns, I specialize in driving organic traffic, boosting rankings, and increasing conversions. My mission is to empower brands with result-oriented digital marketing solutions that deliver measurable success.
