Governance Risk and Compliance Risk Register Analyst
Locations: Remote, United States
Type: Contract
Published: April 23, 2026
Contact: Matthew Davie
Ref: 20494

Job title: Governance Risk and Compliance — Risk Register Analyst

Job type: Contract

Contract Length: Through end of August 2026 (~560 hours total)

Rate: $70 – $80 per hour (W2)

Role Location: 100% Remote (United States)

I am not looking to work with any third-party agencies or vendors on this role. Seriously guys, please don't call me. Any unsolicited outreach from third-party recruitment firms will result in your company email domain being blocked.

The company:

A US public sector client. They have engaged us to stand up the governance side of their enterprise risk programme, with a fixed deliverable set and a defined end date in August 2026.

Role and Responsibilities:

You will design and operationalise the governance layer around an enterprise risk register — intake, review, acceptance, mitigation, transfer, and ongoing monitoring. The role sits between risk owners, reviewers, and governance bodies. The deliverable is a working risk register, a scoring model, and a governance framework that the internal security team can run themselves once you hand it over.

  • Define the end-to-end governance flow — how risks get raised, reviewed, accepted, mitigated, transferred, and reassessed over time
  • Set the accountability structure — who owns risks, who reviews them, which governance bodies hold which decisions
  • Build the escalation and reporting paths for high-risk and formally accepted items
  • Partner with stakeholders across business, technology, security, and governance functions to validate the framework in practice
  • Run working sessions to walk stakeholders through the register and the governance model
  • Help load the initial set of risks into the register
  • Produce audit-ready documentation covering register structure, scoring methodology, governance workflows, and decision rights
  • Run a structured knowledge transfer to the internal security team so the programme continues after the contract ends

Job Requirements:

  • 8+ years designing enterprise risk registers and the frameworks around them
  • 8+ years building risk scoring and prioritisation models — likelihood and impact scales, scoring methodology, prioritisation logic
  • 8+ years designing and running governance processes and workflows
  • 8+ years leading stakeholder engagement and enablement across security, technology, and business
  • Demonstrated track record producing audit-ready documentation and handing over to internal teams

Interview Process:

Two-stage interview process.

Please note we are unable to offer employer sponsorship for this role.

Accessibility Statement:

We make an active choice to be inclusive towards everyone every day. Please let us know if you require any accessibility adjustments through the application or interview process.

Our Commitment to Diversity, Equity, and Inclusion:

Signify's mission is to empower every person, regardless of their background or circumstances, with an equitable chance to achieve the careers they deserve. Building a diverse future, one placement at a time.

Check out our DE&I page here: https://www.signifytechnology.com/diversity-and-inclusion/
