Governance Risk and Compliance Risk Register Analyst

United States, Remote 70.00 - 80.00 USD / Hour · Job Posted May 04, 2026

Job Description

You will design and operationalise the governance layer around an enterprise risk register — intake, review, acceptance, mitigation, transfer, and ongoing monitoring. The role sits between risk owners, reviewers, and governance bodies. The deliverable is a working risk register, a scoring model, and a governance framework that the internal security team can run themselves once you hand it over.

Job Responsibility

  • Define the end-to-end governance flow — how risks get raised, reviewed, accepted, mitigated, transferred, and reassessed over time
  • Set the accountability structure — who owns risks, who reviews them, which governance bodies hold which decisions
  • Build the escalation and reporting paths for high-risk and formally accepted items
  • Partner with stakeholders across business, technology, security, and governance functions to validate the framework in practice
  • Run working sessions to walk stakeholders through the register and the governance model
  • Help load the initial set of risks into the register
  • Produce audit-ready documentation covering register structure, scoring methodology, governance workflows, and decision rights
  • Run a structured knowledge transfer to the internal security team so the programme continues after the contract ends

Requirements

  • 8+ years designing enterprise risk registers and the frameworks around them
  • 8+ years building risk scoring and prioritisation models — likelihood and impact scales, scoring methodology, prioritisation logic
  • 8+ years designing and running governance processes and workflows
  • 8+ years leading stakeholder engagement and enablement across security, technology, and business
  • Demonstrated track record producing audit-ready documentation and handing over to internal teams

Similar Jobs for Governance Risk and Compliance Risk Register Analyst

8 matching positions

Lead Analyst, Business Continuity & Disaster Recovery (Governance, Risk and Compliance)

Own and drive Burlington’s enterprise Business Continuity and Disaster Recovery ...
Location
United States, Edgewater Park
Salary:
95000.00 - 150000.00 USD / Year
Burlington
Expiration Date
Until further notice
Requirements
  • Bachelor’s degree in Computer Science, Information Technology, or related field
  • 7+ years of experience in Business Continuity and Disaster Recovery (BCDR)
  • Experience supporting or governing an enterprise-scale BCDR program
  • Strong experience with BIA, RTO/RPO definition, and application tiering
  • Experience leading disaster recovery testing (tabletop and failover)
  • Experience working across business, infrastructure, and application teams
  • Experience in hybrid (on-prem and cloud) environments
  • Experience with BCDR/GRC tools (e.g., SharePoint, Power Automate, ServiceNow, Archer)
  • Experience developing executive-level reporting and communicating risk and resilience topics to leadership
Job Responsibility
  • Lead enterprise-wide BIA to identify and prioritize critical business processes
  • Define recovery priorities and RTO/RPO targets based on operational and financial impact
  • Maintain enterprise application inventory and ensure alignment with BCDR scope
  • Define and enforce application tiering, including required RTO, RPO, and testing expectations
  • Assess and tier new applications as part of onboarding and change processes
  • Define and enforce BCDR standards, templates, and requirements for Business Continuity Plans (BCPs) and Disaster Recovery Plans (DRPs)
  • Guide business and IT teams in developing and maintaining their plans
  • Review plans for completeness, accuracy, and executability
  • Provide input on disaster recovery design (e.g., failover approaches, redundancy, dependencies) to ensure alignment with recovery requirements
  • Validate through testing that recovery capabilities meet defined RTO/RPO targets
What we offer
  • Competitive wages
  • Flexible hours
  • Associate discount
  • Medical, dental and vision coverage including life and disability insurance
  • Paid time off
  • Paid holidays
  • 401(k) plan
  • Training and development opportunities
  • Fulltime

Head of Governance, Risk and Compliance - CISO function - BPL

The Head of GRC leads the pillar responsible for ensuring the organisation under...
Location
United Kingdom, London
Salary:
Not provided
Barclays
Expiration Date
Until further notice
Requirements
  • CISM, CRISC, or CISSP certification
  • Experience with DORA (Digital Operational Resilience Act) compliance requirements and implementation
  • ISO 27001 Lead Auditor or Lead Implementer certification
  • PCI QSA or Internal Security Assessor (ISA) qualification
  • Previous experience in FinTech, Digital Banking, Payment Acquiring organisation
  • Experience with Visa GACS and Mastercard SDP acquirer compliance programmes
  • Significant, progressive experience in information security governance, risk, and compliance, with at least 5 years leading a GRC team in a regulated environment
  • Strong understanding of UK GDPR and the role of security controls in meeting data protection obligations, including breach notification requirements and data protection impact assessments
  • Experience designing and operating security control frameworks mapped to multiple regulatory requirements simultaneously (e.g., a single framework serving PCI DSS, FCA, and GDPR)
  • Understanding of cloud-native architectures and their implications for compliance and risk management
Job Responsibility
  • Own the security policy framework, ensuring policies are current, proportionate, and aligned to PCI DSS, FCA expectations, UK GDPR, and DORA requirements
  • Maintain and operate the security risk register, ensuring risks are assessed consistently using a defined methodology, owned explicitly, and reported accurately to the CISO and Executive Leadership Team (ELT)
  • Manage the relationship with external auditors, the Qualified Security Assessor (QSA), and 2nd/3rd Line of Defence (LoD) on all security and technology risk matters
  • Own the third-party security assurance process, ensuring all vendors, partners, and card scheme integrations are risk-assessed with a tiered approach proportionate to data access and criticality
  • Chair the monthly Cyber and Tech Risk and Controls Forum, presenting risk posture, compliance status, and material findings to the CISO, CIO and ELT
  • Design and maintain the control framework, mapping controls to PCI DSS, FCA, UK GDPR, and DORA requirements, and ensuring control effectiveness is tested on a continuous cycle
  • Produce KRI dashboards and risk reporting for CISO, CIO, and ELT consumption, ensuring risk is communicated in business terms
  • Lead regulatory and audit engagement on security matters, coordinating regulatory review and audit interactions and proactively managing stakeholder relationships
  • Own the risk assessment calendar, ensuring both cyclical and event-driven assessments are executed on schedule with appropriate rigour
  • Manage the risk acceptance process, ensuring risk acceptance decisions are documented, time-bound, approved at the appropriate authority level, and reviewed before expiry
What we offer
  • Competitive holiday allowance
  • Life assurance
  • Private medical care
  • Pension contribution
  • Fulltime

Risk Analyst - Enterprise Risk Management

Support the Enterprise Risk Management team in strengthening the company’s risk ...
Location
Poland; Argentina; Colombia; Brazil; Mexico; Slovenia; Lithuania; Hungary; Bulgaria; Romania; Latvia; Czech Republic; Croatia; Slovakia
Salary:
Not provided
Deel
Expiration Date
Until further notice
Requirements
  • A minimum of 5 years of experience in risk management, audit, compliance, or related functions within financial services, payments, or FinTech
  • Working knowledge of enterprise risk frameworks (COSO ERM, ISO 31000, or similar)
  • Experience with risk registers, KRIs, and governance reporting
  • Proficiency with data analytics and visualization tools (e.g., Excel, Power BI, Tableau)
  • Strong communication and analytical skills, with the ability to present risk insights clearly
  • Bachelor’s degree in Risk Management, Finance, Business, Economics, or related field
Job Responsibility
  • Support the application and maintenance of the Enterprise Risk Management Framework (ERMF)
  • Assist in enterprise-wide risk identification and assessment exercises
  • Maintain and update the enterprise risk register and control library
  • Ensure risk data is accurate, consistent, and aligned with ownership structures
  • Help design, track, and report on enterprise-level KRIs
  • Monitor performance against thresholds and escalate breaches where required
  • Prepare clear and concise risk dashboards and reports for governance forums, including senior management and Risk Committees
  • Contribute analysis and insights for executive and Board reporting
  • Assist with the maintenance of ERM-related policies, procedures, and standards
  • Contribute to the annual refresh of the risk appetite framework and threshold-setting
What we offer
  • Stock grant opportunities dependent on your role, employment status and location
  • Additional perks and benefits based on your employment status and country
  • The flexibility of remote work, including optional WeWork access
  • Fulltime

InfoSec Risk Senior Analyst / Analyst

Salary:
Not provided
Ethics HR
Expiration Date
Until further notice
Requirements
  • Bachelor's Degree in Computer Science or Electronics & Communication Engineering or a related field from a reputable university
  • Minimum 4 years of experience for the Senior Analyst and 2 years of experience for the Analyst in the banking sector and information security field, including the following background: Risk assessment, identification and mitigation
  • Security controls, security baseline, technology best practices
  • Integration knowledge across different security technologies and systems
  • Security control enforcement, measure of effectiveness and proposing compensating controls
  • CBE regulations
Job Responsibility
  • Review & maintain the Risk profile according to the bank's Cyber Security Risk appetite
  • Identify information security controls necessary to remediate identified risks and follow up remediation with the concerned business lines
  • Assess information security risks for IT assets and propose appropriate measures to eliminate/reduce risk
  • Coordinate with Information Security teams to manage the risk assessment activities
  • Engage InfoSec Teams in all new initiatives and projects to handle InfoSec risk assessment for new projects/technologies with concerned stakeholders
  • Follow up on Audit reports along with audit Findings/Recommendations by Internal Audit/External Audit, CBE and ensure remediation with the related parties
  • Ensure maintaining Global InfoSec Risk Register for all assessed IT assets & follow up on open risks until closure
  • Review the cases performed by the InfoSec Governance & Compliance Teams from a risk perspective
  • Participate in the Change Advisory Board (CAB) meeting
  • Work on standard and ad-hoc threats providing InfoSec risk assessment as needed

Data Risk Analyst

Location
United Kingdom, Birmingham
Salary:
Not provided
Social Value Portal Ltd
Expiration Date
Until further notice
Requirements
  • Extensive experience (5+ years) in data compliance, risk management, controls, and governance within a regulated environment
  • Experience within a financial industry desired
  • BA/BS degree, and/or relevant industry experience
  • Experience in Data governance, risk, and compliance
  • Strong stakeholder management at all levels
  • Providing guidance on Data governance, risk, and compliance matters
  • Ability to identify and evaluate Data risks and controls and provide practical and effective recommendations
  • Ability to communicate complex Data risk and compliance issues to non-technical audiences
  • Experience in writing effective committee papers desired
  • Passionate about compliance, risk management, audit principles and practices and continuous improvement
Job Responsibility
  • Support oversight of data risk identification, assessments, acceptances, and mitigation strategies across data management and technology functions, ensuring appropriate controls are designed and operating effectively
  • Support management of all data risks, controls, incidents, issues, and remediation activities that fall under the IT and Data remit, ensuring alignment with Group Risk Management frameworks
  • Partner with Data Governance, Architecture, Engineering, Security, and Business teams to co-manage and enhance the existing data control environment
  • Support the enhancement and management of data risk frameworks, data risk registers, and risk reporting processes
  • Assist in embedding data governance and risk management practices across critical data domains and business processes
  • Support development and monitoring of KPIs and KRIs for data risks, control effectiveness, data quality, regulatory compliance, and governance maturity
  • Support control assessments, control testing activities, and remediation plans across the data environment
  • Challenge business and technology stakeholders on data risk and control matters, including incidents, issues, remediation actions, and regulatory obligations
  • Contribute to the design, implementation, and continuous improvement of data risk policies, standards, controls, and governance processes
  • Support mapping of policies, standards, and controls to regulatory requirements and industry frameworks (e.g. GDPR, DORA, BCBS239, ISO, NIST, COBIT)
  • Fulltime

Senior Technology Risk Analyst

The role will effectively manage and oversee compliance across the IT and Data p...
Location
United Kingdom, Birmingham
Salary:
Not provided
Social Value Portal Ltd
Expiration Date
Until further notice
Requirements
  • Extensive experience in governance roles, such as risk and controls, audit or compliance
  • Extensive experience in technology roles with excellent analytical and problem-solving abilities
  • Strong stakeholder engagement skills across all organisational levels
  • Extensive experience (10+ years) in technology compliance, risk management, controls, and governance within a regulated environment
  • Experience within a financial industry desired
  • BA/BS degree, and/or relevant industry experience
  • Experience in Technology governance, risk, and compliance
  • Strong stakeholder management at all levels
  • Providing guidance on Technology governance, risk, and compliance matters
  • Ability to identify and evaluate Technology risks and controls and provide practical and effective recommendations
Job Responsibility
  • Manage all first line risk and controls activities within the IT and Data functions to maintain consistency, support a strong risk culture, and ensure alignment with organisational risk framework & appetite and governance expectations
  • Oversee risk identification, assessments, acceptances, and mitigation strategies within technology functions, ensuring appropriate controls are in place
  • Effective management of all risks, controls and incidents activities that fall under the IT and Data remit, liaising and ensuring alignment and collaboration with Group Risk management in maintaining and communicating up to date risk information
  • Partner with relevant teams and SMEs to co-manage the existing controls to include alignment on priorities and performance expectations
  • Manage the annual controls assessment and the controls improvement plan
  • Manage all IT and Data actions related to risk, assurance, controls
  • Enhance and manage the IT risk management process and IT/Data risk registers, and where applicable, alignment with functional and group risk management frameworks
  • Develop, implement, and monitor KPIs and KRIs for technology controls and risk exposure, supporting reporting for governance forums and senior management
  • Where risks fall outside of appetite/tolerance, work with relevant stakeholders in developing and tracking a mitigation plan within reasonable timelines
  • Support the identification of issues, issue management and remediation and provide reporting on risk/controls/KRIs to the relevant stakeholders
  • Fulltime

Technology Risk Analyst

The role will effectively support management and oversight of compliance across ...
Location
United Kingdom, Birmingham
Salary:
Not provided
Social Value Portal Ltd
Expiration Date
Until further notice
Requirements
  • Extensive experience in governance roles, such as risk and controls, audit or compliance
  • Extensive experience in technology roles with excellent analytical and problem-solving abilities
  • Strong stakeholder engagement skills across all organisational levels
  • Extensive experience in technology compliance, risk management, controls, and governance within a regulated environment
  • Experience within a financial industry desired
  • BA/BS degree, and/or relevant industry experience
  • Experience in Technology governance, risk, and compliance
  • Strong stakeholder management at all levels
  • Providing guidance on Technology governance, risk, and compliance matters
  • Ability to identify and evaluate Technology risks and controls and provide practical and effective recommendations
Job Responsibility
  • Support oversight of risk identification, assessments, acceptances, and mitigation strategies within technology functions, ensuring appropriate controls are in place
  • Support management of all risks, controls and incidents activities that fall under the IT and Data remit, liaising and ensuring alignment and collaboration with Group Risk management in maintaining and communicating up to date risk information
  • Partner with relevant teams and SMEs to co-manage the existing controls to include alignment on priorities and performance expectations
  • Support the annual controls assessment and the controls improvement plan
  • Support management of all IT and Data actions related to risk, assurance, controls
  • Support the enhancement and management of the IT risk management process and IT/Data risk registers, and where applicable, alignment with functional and group risk management frameworks
  • Support and monitor KPIs and KRIs for technology controls and risk exposure, supporting reporting for governance forums and senior management
  • Where risks fall outside of appetite/tolerance, work with relevant stakeholders in developing and tracking a mitigation plan within reasonable timelines
  • Support the identification of issues, issue management and remediation and provide reporting on risk/controls/KRIs to the relevant stakeholders
  • Challenging business on risk and control matters (e.g., incidents, issues, and actions) and the overall management of control environment
  • Fulltime

Risk Analyst - Advanced

On behalf of our client, a leader in the insurance sector, we are seeking a high...
Location
Canada, Mississauga
Salary:
41.00 - 51.00 CAD / Hour
Randstad
Expiration Date
July 12, 2026
Requirements
  • Strong curiosity and proactive drive to learn the fundamentals of an insurance business and its investment function
  • Ability to concisely explain and document key processes that support the investment function
  • Understanding of investment governance frameworks and risk management practices
  • Excellent written and verbal communication skills
  • Ability to synthesize complex investment concepts into clear, actionable governance documentation
  • Project management experience with ability to manage multiple governance initiatives in parallel
  • Knowledge of regulatory frameworks and compliance requirements for insurance investment portfolios
Job Responsibility
  • Policy Development: Draft and develop a refreshed Statement of Investment Procedures & Policies (SIPP) and a new Asset Allocation Policy (AAP) aligned with strategic risk objectives
  • Framework Design: Establish clear Delegation of Authorities, define Market Risk Limits, and propose a modernized governance model for investment operations
  • Process Standardization: Document comprehensive liquidity processes and standardize procedures across the investment function, registering them within Enterprise libraries
  • Compliance & Reporting: Develop Regulatory Compliance Management documentation and design new portfolio reporting templates for the Investment Committee to provide a holistic view of risks
  • Stakeholder Management: Coordinate with local stakeholders for review and refinement of governance proposals and leverage best practices from Head Office Governance
  • Cross-Functional Partnership: Collaborate with the Data & Analytics team to ensure the necessary infrastructure is in place for real-time risk limit monitoring
  • Fulltime