Read Notes Before Sending the Profiles || Governance Risk & Compliance Risk Register Analyst (GRC Analyst) || Remote

0 views
Skip to first unread message

YASH SHARMA

unread,
Apr 28, 2026, 9:33:04 AMApr 28
to

Job Title: Governance Risk & Compliance Risk Register Analyst (GRC Analyst)

Job Location: Remote

Job Type: Contract


Notes:

  • Only for H1B & H4-EAD
  • Must have 7 Years of Experience in the USA
  • Overall 10-12 Years of Experience
  • Prior State/Federal Client Experience is Highly Preferred. 


Job Description:

  • Define end to end governance workflows for: 
    • Risk identification and intake.
    • Risk review and validation.
    • Risk acceptance, mitigation, or transfer.
    • Ongoing monitoring and periodic reassessment.
    • Establish roles and responsibilities for risk owners, reviewers, and governance bodies.
    • Design escalation and reporting processes for high risk and accepted risks.
  • Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows.
  • Facilitate working sessions or workshops to socialize the risk register and governance processes.
  • Support onboarding of initial risks into the enterprise risk register.
  • Produce clear, audit ready documentation covering: 
    • Risk register structure and data definitions.
    • Risk scoring methodology.
    • Governance workflows and decision authorities.
  • Provide knowledge transfer to designated security staff to ensure sustainability beyond the contract term.

 

The contractor shall provide the following deliverables during the engagement:

1. Enterprise Risk Register Framework

o Standardized risk register template and taxonomy.

2. Risk Scoring and Prioritization Model

o Documented likelihood and impact scales.

o Scoring methodology and prioritization logic.

3. Risk Governance Model

o Defined workflows for risk intake, review, acceptance, and monitoring.

o Roles and responsibilities matrix.

4. Initial Population of Risk Register

o Initial set of documented risks reflecting current cybersecurity and technology risk posture.

5. Final Documentation Package

o Consolidated guidance and operating procedures for ongoing risk management.

 

Candidate Skills And Qualifications:


8

Required

Experience with Risk Register Design and Framework

8

Required

Experience with Risk Scoring and Prioritization Model

8

Required

Experience with Governance Processes and Workflows

8

Required

Experience with Stakeholder and Enablement

8

Required

Demonstrated skill with documentation and knowledge transfer



Yash Sharma | Technical Recruiter

Email: yashsitre...@gmail.com

 

An E-verify Employer 

Reply all
Reply to author
Forward
0 new messages