Governance Risk and Compliance Risk Register Analyst

Signify Technology

Location:
United States, Remote

Contract Type:
Not provided

Salary:
70.00 - 80.00 USD / Hour

Job Description:

You will design and operationalise the governance layer around an enterprise risk register — intake, review, acceptance, mitigation, transfer, and ongoing monitoring. The role sits between risk owners, reviewers, and governance bodies. The deliverable is a working risk register, a scoring model, and a governance framework that the internal security team can run themselves once you hand it over.

Job Responsibility:

  • Define the end-to-end governance flow — how risks get raised, reviewed, accepted, mitigated, transferred, and reassessed over time
  • Set the accountability structure — who owns risks, who reviews them, which governance bodies hold which decisions
  • Build the escalation and reporting paths for high-risk and formally accepted items
  • Partner with stakeholders across business, technology, security, and governance functions to validate the framework in practice
  • Run working sessions to walk stakeholders through the register and the governance model
  • Help load the initial set of risks into the register
  • Produce audit-ready documentation covering register structure, scoring methodology, governance workflows, and decision rights
  • Run a structured knowledge transfer to the internal security team so the programme continues after the contract ends

Requirements:

  • 8+ years designing enterprise risk registers and the frameworks around them
  • 8+ years building risk scoring and prioritisation models — likelihood and impact scales, scoring methodology, prioritisation logic
  • 8+ years designing and running governance processes and workflows
  • 8+ years leading stakeholder engagement and enablement across security, technology, and business
  • Demonstrated track record producing audit-ready documentation and handing over to internal teams

Additional Information:

Job Posted:
May 04, 2026

Employment Type:
Fulltime
Work Type:
Remote work

Similar Jobs for Governance Risk and Compliance Risk Register Analyst

Security GRC Analyst

Juni is seeking a Security GRC (Governance, Risk, and Compliance) Analyst to pla...
Location:
Sweden, Stockholm; Gothenburg
Salary:
Not provided
Juni
Expiration Date:
Until further notice
Requirements:
  • 2 to 4 years of experience in information security governance, risk, or compliance roles
  • Demonstrated experience with compliance frameworks and regulations (e.g., PCI DSS, ISO 27001, GDPR, PSD2, EBA outsourcing and DORA)
  • Degree in Cybersecurity or Information Systems or similar
  • Knowledge of security frameworks (e.g., CIS Controls, NIST CSF)
  • Solid understanding of risk assessment methodologies and hands-on experience with risk registers and third-party risk management
  • Experience in coordinating activities for security certifications and audits
  • Ability to develop and track security metrics (KPIs)
  • Strong analytical, problem-solving, and organisational skills
  • Excellent communication skills, comfortable presenting to various stakeholders
  • A proactive and independent worker who is also a strong team player
Job Responsibility:
  • Maintain and update core security documentation, including policies, procedures, and instructions, ensuring they remain current and relevant
  • Identify, collect, and analyse data to track key security performance indicators (KPIs) and metrics, generating reports and dashboards to communicate security performance to stakeholders
  • Maintain the risk register and support daily risk management activities with growing independence
  • Follow up on the remediation of risks identified in new projects, third-party engagements, and other business initiatives
  • Conduct thorough security posture assessments of new vendors and perform periodic reviews of existing ones
  • Support our 3rd party procurement process
  • Monitor the implementation and effectiveness of security controls across the organisation
  • Coordinate and support activities to maintain key security certifications, including PCI-DSS and ISO 27001
  • Coordinate and support the implementation of remediation plans to address identified compliance gaps
  • Provide support in responding to security-related questions during partner due diligence and assist in providing necessary information for cyber insurance renewals
What we offer:
  • Work hybrid
  • Meet all Junis IRL at the company onsite each year
  • Diversity is at our core
  • Progress your career whether you choose to manage people or not
  • Stock options
  • Vacation 30 days
  • Private Health insurance
  • Beautiful offices in central Gothenburg and Stockholm, front row sea view
  • Fulltime

Technology Risk Analyst

The role will effectively support management and oversight of compliance across ...
Location:
United Kingdom, Birmingham
Salary:
Not provided
Social Value Portal Ltd
Expiration Date:
Until further notice
Requirements:
  • Extensive experience in governance roles, such as risk and controls, audit or compliance
  • Extensive experience in technology roles with excellent analytical and problem-solving abilities
  • Strong stakeholder engagement skills across all organisational levels
  • Extensive experience in technology compliance, risk management, controls, and governance within a regulated environment
  • Experience within a financial industry desired
  • BA/BS degree, and/or relevant industry experience
  • Experience in Technology governance, risk, and compliance
  • Strong stakeholder management at all levels
  • Providing guidance on Technology governance, risk, and compliance matters
  • Ability to identify and evaluate Technology risks and controls and provide practical and effective recommendations
Job Responsibility:
  • Support oversight risk identification, assessments, acceptances, and mitigation strategies within technology functions, ensuring appropriate controls are in place
  • Support management of all risks, controls and incidents activities that fall under the IT and Data remit, liaising and ensuring alignment and collaboration with Group Risk management in maintaining and communicating up to date risk information
  • Partner with relevant teams and SMEs to co-manage the existing controls to include alignment on priorities and performance expectations
  • Support controls annual assessment and improvement plan for controls
  • Support management of all IT and Data actions related to risk, assurance, controls
  • Support the enhancement and management of the IT risk management process and IT/Data risk registers, and where applicable, alignment with functional and group risk management frameworks
  • Support and monitor KPIs and KRIs for technology controls and risk exposure, supporting reporting for governance forums and senior management
  • Where risks fall outside of appetite/tolerance, work with relevant stakeholders in developing and tracking a mitigation plan within reasonable timelines
  • Support the identification of issues, issue management and remediation and provide reporting on risk/controls/KRIs to the relevant stakeholders
  • Challenging business on risk and control matters (e.g., incidents, issues, and actions) and the overall management of control environment
  • Fulltime

Operational Risk Analyst

Giacom is the only provider of Comms, Cloud, Hardware and Billing through one pl...
Location:
United Kingdom, Hessle
Salary:
28000.00 - 32000.00 GBP / Year
Giacom
Expiration Date:
Until further notice
Requirements:
  • Experience in operational risk, compliance, governance or internal audit
  • A confident, clear communicator with the ability to ask the right questions, challenge constructively, and influence stakeholders at all levels
  • Strong analytical and problem‑solving skills with excellent attention to detail
  • Ability to translate complex risk concepts into practical guidance for the business
  • Experience with risk assessments, controls testing, assurance or monitoring activity
  • A collaborative approach and resilience when navigating challenging conversations
Job Responsibility:
  • Leading operational and compliance risk assessment activity across business functions
  • Maintaining risk registers, monitoring KRIs and supporting risk reporting cycles
  • Facilitating risk workshops and promoting a strong risk culture across teams
  • Reviewing controls, advising on mitigation strategies and supporting the development of enterprise risk frameworks (aligned to ISO, GDPR and other regulatory expectations)
  • Preparing committee papers and working closely with senior stakeholders on risk insights
  • Supporting compliance monitoring, internal audits and regulatory horizon scanning
  • Delivering risk awareness training and driving continuous improvement in risk processes
What we offer:
  • Flexible working
  • Investment in your future career with a variety of learning and development opportunities
  • No dress code - embrace the freedom to bring your whole self to work
  • 25 days annual leave, plus bank holidays. You'll even get your birthday off, too!
  • A pension plan for your future
  • Complimentary refreshments in all our offices
  • Fulltime

ISO Sr. Analyst

The Information Security Operations (ISO) Sr. Analyst is an intermediate level p...
Location:
Mexico, Ciudad De Mexico
Salary:
Not provided
Citi
Expiration Date:
Until further notice
Requirements:
  • 5-8 years of relevant experience
  • Proficient in interpreting and applying policies, standards and procedures
  • Consistently demonstrates clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Proven analytical skills
  • Broad knowledge of and compliance with Mexican regulations (on information security) (CNBV and BANXICO)
  • Technical knowledge related to Information Security and Cybersecurity
  • Desirable certifications: CRISC, CISA, CISM, CISSP, ISO27001:2022, ISO31000:2018
  • Experience preparing executive reports and metrics for senior management
  • Communication and negotiation skills
Job Responsibility:
  • Address security issues identified in the various information security programs
  • Review and address issues identified within various Information Security (IS) programs and ensure all IS issues related to Internal Audit, and External Auditors are closed by their original target date
  • Improve the efficacy of governance processes by identifying risks, monitoring controls, and remediating issues
  • Establish cross-sector working relationships and complete weekly awareness discussions with local team to efficiently tackle security issues
  • Ensure risk exceptions are raised, registered and closed on a timely basis and communicate updates and changes to the global standards
  • Complete Risk Assessment process, including completing accurate inventory reporting, data classification, threat analysis, and action plans
  • Test and validate that the business complies with applicable IS requirements
  • Develop and implement IS policies and procedures
  • Determine and validate appropriate level of controls are being implemented to safeguard sensitive data
  • Develop Corrective Action Plans for all Information Security-related gaps and approve all closures through reviewing evidence to ensure each closure meets Citi Requirements
  • Fulltime

GRC Analyst

Fullscript is currently looking for a GRC Analyst (Risk) to join our growing Sec...
Location:
Canada, Ottawa; Calgary; Toronto
Salary:
100000.00 - 120000.00 CAD / Year
Fullscript
Expiration Date:
Until further notice
Requirements:
  • Experience in governance, risk management, compliance, security operations, IT risk, or a related field
  • Understanding of security and operational risk concepts and common risk management frameworks
  • Ability to assess technical and non-technical risks and translate them into business impact
  • Strong analytical and problem-solving skills, with the ability to identify patterns and trends in risk data
  • Experience creating clear documentation, reports, and dashboards for technical and non-technical audiences
  • Strong verbal and written communication skills
  • Ability to work cross-functionally and influence without direct authority
  • Willingness to ask questions, seek feedback, and continuously improve processes
  • Comfortable operating in a growing, evolving environment where programs are being built and scaled
  • Strong situational awareness and judgment when evaluating risk trade-offs
Job Responsibility:
  • Identify, document, and assess security and operational risks across business units
  • Maintain a comprehensive and up-to-date enterprise risk register
  • Apply a consistent methodology for evaluating risk likelihood, impact, ownership, and treatment
  • Partner with risk owners to ensure risks are clearly articulated and appropriately managed
  • Ensure risk acceptance, mitigation, and transfer decisions are documented, traceable, and aligned with Fullscript’s risk appetite
  • Track remediation efforts and follow up with stakeholders to ensure timely risk reduction
  • Produce clear, data-driven risk reporting and dashboards to support leadership and executive decision-making
  • Support and manage Fullscript’s third-party risk management program
  • Conduct risk assessments for vendors and partners, including onboarding and periodic reviews
  • Collaborate with Procurement, Legal, Security, and Engineering to ensure third-party risks are identified and addressed
What we offer:
  • Generous PTO and competitive pay
  • Fullscript’s RRSP match program for financial health
  • Flexible benefits package and workplace wellness program
  • Training budget and company-wide learning initiatives
  • Discount on Fullscript catalog of products
  • Ability to work Wherever You Work Well
  • Fulltime

Senior Security Governance, Risk and Compliance Analyst

Are you a GRC professional looking to make a significant impact within a dynamic...
Location:
Australia, Brisbane
Salary:
120000.00 - 135000.00 AUD / Year
Randstad
Expiration Date:
May 30, 2026
Requirements:
  • At least 5 years of experience as a GRC Analyst or 2 years as a Senior GRC Analyst
  • Strong understanding of fundamental information security concepts, technology, and regulatory frameworks
  • Proven experience with security controls testing frameworks and cloud computing environments
  • Bachelor’s degree in a related field or equivalent significant work experience
  • Excellent written and oral communication skills with a strong work ethic and attention to detail
Job Responsibility:
  • Enhance and maintain the Security Controls Testing Framework and the Information Security Management System (ISMS)
  • Lead and define overall third-party risk management efforts, including enhancing vendor due-diligence processes
  • Perform comprehensive security and compliance assessments on new and existing systems, processes, and technology
  • Track and report on Key Risk Indicators (KRIs) and create detailed reports for management on GRC topics
  • Support internal and external audit processes while contributing to the development of the Technology risk register
  • Fulltime

Risk Analyst - Enterprise Risk Management

Support the Enterprise Risk Management team in strengthening the company’s risk ...
Location:
Poland; Argentina; Colombia; Brazil; Mexico; Slovenia; Lithuania; Hungary; Bulgaria; Romania; Latvia; Czech Republic; Croatia; Slovakia
Salary:
Not provided
Deel
Expiration Date:
Until further notice
Requirements:
  • A minimum of 5 years of experience in risk management, audit, compliance, or related functions within financial services, payments, or FinTech
  • Working knowledge of enterprise risk frameworks (COSO ERM, ISO 31000, or similar)
  • Experience with risk registers, KRIs, and governance reporting
  • Proficiency with data analytics and visualization tools (e.g., Excel, Power BI, Tableau)
  • Strong communication and analytical skills, with the ability to present risk insights clearly
  • Bachelor’s degree in Risk Management, Finance, Business, Economics, or related field
Job Responsibility:
  • Support the application and maintenance of the Enterprise Risk Management Framework (ERMF)
  • Assist in enterprise-wide risk identification and assessment exercises
  • Maintain and update the enterprise risk register and control library
  • Ensure risk data is accurate, consistent, and aligned with ownership structures
  • Help design, track, and report on enterprise-level KRIs
  • Monitor performance against thresholds and escalate breaches where required
  • Prepare clear and concise risk dashboards and reports for governance forums, including senior management and Risk Committees
  • Contribute analysis and insights for executive and Board reporting
  • Assist with the maintenance of ERM-related policies, procedures, and standards
  • Contribute to the annual refresh of the risk appetite framework and threshold-setting
What we offer:
  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access
  • Fulltime

GRC Analyst I

We are seeking a motivated and detail-oriented GRC Analyst I to join our Governa...
Location:
Bosnia and Herzegovina, Tuzla
Salary:
Not provided
Personify Health
Expiration Date:
Until further notice
Requirements:
  • Bachelor’s degree in information security, Computer Science, Business Administration, or a related field
  • 0–2 years of experience in GRC, compliance, risk management, or related fields (internships or academic projects may be considered)
  • Basic understanding of regulatory standards and frameworks (e.g., SOC 2, ISO 27001, GDPR, HIPAA) is a plus
  • Strong organizational and time-management skills, with the ability to handle multiple priorities effectively
  • Excellent attention to detail and accuracy in all tasks
  • Strong written and verbal communication skills
  • Basic proficiency with productivity tools such as Microsoft Office Suite (Excel, Word, PowerPoint)
  • Familiarity with GRC tools or platforms is a plus but not required
  • A willingness to learn and grow in the field of GRC
Job Responsibility:
  • Assist in the development, implementation, and maintenance of policies, procedures, and standards to support governance objectives
  • Ensure policies are stored, distributed, and tracked appropriately for organizational awareness and compliance
  • Support policy exception tracking and documentation
  • Conduct initial assessments for identified risks, documenting findings, and escalating them to senior team members for further analysis
  • Support risk monitoring activities by collecting data, maintaining risk registers, and preparing reports
  • Assist in tracking mitigation plans and ensuring timely resolution of identified risks
  • Help facilitate compliance activities related to frameworks such as SOC 2, ISO 27001, HIPAA, GDPR, HITRUST CSF and other relevant standards
  • Collect evidence for audits and compliance assessments, ensuring accurate and timely submissions
  • Track findings from audits or assessments and follow up on remediation efforts
  • Assist in the preparation and delivery of employee training on compliance policies and procedures