Title: Information Security Manager_Governance, Risk & Compliance (GRC)
Location: Austin, TX (Remote)
Experience: 12+ years
Responsibilities:
Define end to end governance workflows for:
Risk identification and intake.
Risk acceptance, mitigation, or transfer.
Ongoing monitoring and periodic reassessment.
Establish roles and responsibilities for risk owners, reviewers, and governance bodies.
Design escalation and reporting processes for high risk and accepted risks.
Required Skills:
Experience with Risk Register Design and Framework.
Experience with Risk Scoring and Prioritization Model.
Experience with Governance Processes and Workflows.
Experience with Stakeholder and Enablement.
Demonstrated skill with documentation and knowledge transfer.
1. Enterprise Risk Register Framework
Standardized risk register template and taxonomy.
2. Risk Scoring and Prioritization Model
Documented likelihood and impact scales.
Scoring methodology and prioritization logic.
3. Risk Governance Model
Defined workflows for risk intake, review, acceptance, and monitoring.
Roles and responsibilities matrix.
4. Initial Population of Risk Register
Initial set of documented risks reflecting current cybersecurity and technology risk posture.
5. Final Documentation Package
Consolidated guidance and operating procedures for ongoing risk management.
Never miss an opportunity! Create an alert based on the job you applied for.