Job Description

Hi ,

This is Aditya , Staffing Expert from Nexiva Inc . I'm reaching out regarding a Role that aligns well with your experience. Let me know if you're open to discuss . Just find your resume on Monster . Please check below role and share me your updated Resume with contact details or You can share me a References if any one your known looking an Opportunity!

Job Description

Title: Governance Risk and Compliance (GRC) Risk Register Analyst
Title/Level: Information Security Manager 3

Location: Remote

Duration: Long Term

MOI: Through Microsoft Teams

Need LinkedIn and State Exp

Position Overview

The Texas Education Agency (TEA) is seeking a highly experienced Governance, Risk, and Compliance (GRC) Risk Register Analyst to serve as an Information Security Manager 3 . This role is responsible for designing and implementing an enterprise-wide risk register framework and governance model to support TEA's cybersecurity and technology risk management initiatives.

The selected candidate will lead the development of risk governance processes, facilitate stakeholder collaboration, and deliver audit-ready documentation to establish a sustainable and scalable risk management program.

Key Responsibilities

Risk Governance & Framework Development

• Design and implement end-to-end risk governance workflows, including:
  • Risk identification and intake
  • Risk review and validation
  • Risk acceptance, mitigation, or transfer
  • Continuous monitoring and reassessment
• Define roles and responsibilities for risk owners, reviewers, and governance bodies
• Establish escalation procedures and reporting mechanisms for high-risk scenarios

Risk Register & Scoring Model

• Develop and standardize the enterprise risk register structure and taxonomy
• Create and document risk scoring methodologies, including likelihood and impact scales
• Define prioritization logic for effective risk management decision-making

Stakeholder Engagement & Enablement

• Collaborate with cross-functional stakeholders across business, IT, security, and governance teams
• Facilitate workshops and working sessions to validate workflows and requirements
• Drive adoption and onboarding of risks into the enterprise risk register

Documentation & Knowledge Transfer

• Produce comprehensive, audit-ready documentation including:
  • Risk register framework and data definitions
  • Risk scoring and prioritization models
  • Governance workflows and decision authorities
• Provide knowledge transfer and training to internal security staff

DELIVERABLES

The contractor will be responsible for delivering:

1. Enterprise Risk Register Framework
   • Standardized templates and taxonomy
2. Risk Scoring & Prioritization Model
   • Defined scoring criteria and prioritization methodology
3. Risk Governance Model
   • Documented workflows and roles/responsibilities
4. Initial Risk Register Population
   • Baseline risks reflecting current cybersecurity posture
5. Final Documentation Package
   • Complete operational guidance and procedures

Required Skills & Qualifications

Minimum Requirements (Mandatory)

• 8+ years of experience in:
  • Risk Register Design and Framework development
  • Risk Scoring and Prioritization methodologies
  • Governance processes and workflow implementation
  • Stakeholder engagement and enablement
  • Documentation, reporting, and knowledge transfer
• Strong understanding of GRC frameworks and cybersecurity risk management practices
• Proven ability to create audit-ready documentation
• Excellent communication and facilitation skills

Ideal Candidate Profile

• Strong background in enterprise risk management (ERM) and GRC tools/processes
• Experience working with government or public sector organizations preferred
• Ability to translate complex risk concepts into actionable frameworks
• Skilled in leading cross-functional collaboration and governance initiatives

Best Regards,

Aditya Shrivastava

Lead Technical Recruiter

Nexiva Inc,

[email protected]

Job Tags

Similar Jobs