Job Title: GRC Risk Register Analyst (Governance, Risk & Compliance)
Location: Remote (U.S.)
Duration: Contract
Job Summary:
We are seeking a senior GRC Risk Register Analyst to design and implement enterprise risk register frameworks and governance workflows. This role will drive risk identification, scoring, prioritization, and ongoing monitoring while aligning with organizational security and compliance standards.
Key Responsibilities:
- Design and implement enterprise risk register framework, taxonomy, and data structure
- Develop risk scoring models including likelihood, impact, and prioritization methodology
- Define end-to-end governance workflows (risk intake, validation, acceptance, mitigation, monitoring)
- Establish roles, responsibilities, and escalation processes for risk management
- Collaborate with business, IT, and security stakeholders to validate risk processes
- Facilitate workshops and onboarding of risks into the risk register
- Produce audit-ready documentation, including governance models and operating procedures
- Support initial population and maintenance of the enterprise risk register
- Provide knowledge transfer and enablement to internal security teams
Required Skills & Experience:
- 8+ years in GRC, risk management, or information security governance
- Strong experience in risk register design and implementation
- Expertise in risk scoring, prioritization, and governance frameworks
- Experience working with cross-functional stakeholders and driving workshops
- Strong documentation, communication, and process design skills