Governance Risk and Compliance Risk Register Analyst

**Job Summary** JID Solutions is submitting qualified candidates for **Information Security Manager 3** for the following requirement: All work products resulting from the project shall be considered "works made for hire" and are the property of the **Texas Education Agency** and may include pre\-selection requirements that potential Vendors (and their Candidates) submit to and satisfy criminal background checks as authorized by Texas law. **Texas Education Agency** will pay no fees for interviews or discussions, which occur during the process of selecting a Candidate(s). * Define end to end governance workflows for: o Risk identification and intake o Risk review and validation o Risk acceptance, mitigation, or transfer o Ongoing monitoring and periodic reassessment * Establish roles and responsibilities for risk owners, reviewers, and governance bodies. * Design escalation and reporting processes for high risk and accepted risks. * Engage key stakeholders across business, technology, security, and governance functions to validate risk requirements and workflows. * Facilitate working sessions or workshops to socialize the risk register and governance processes. * Support onboarding of initial risks into the enterprise risk register. * Produce clear, audit ready documentation covering: o Risk register structure and data definitions o Risk scoring methodology o Governance workflows and decision authorities * Provide knowledge transfer to designated security staff to ensure sustainability beyond the contract term. The contractor shall provide the following deliverables during the engagement: 1\. Enterprise Risk Register Framework o Standardized risk register template and taxonomy 2\. Risk Scoring and Prioritization Model o Documented likelihood and impact scales o Scoring methodology and prioritization logic 3\. Risk Governance Model o Defined workflows for risk intake, review, acceptance, and monitoring o Roles and responsibilities matrix 4\. Initial Population of Risk Register o Initial set of documented risks reflecting current cybersecurity and technology risk posture 5\. Final Documentation Package o Consolidated guidance and operating procedures for ongoing risk management **Minimum Requirements:** Candidates that do not meet or exceed the **minimum** stated requirements (skills/experience) will be displayed to customers but may not be chosen for this opportunity.YearsRequired/PreferredExperience 8 Years Required \- Experience with Risk Register Design and Framework 8 Years Required \- Experience with Risk Scoring and Prioritization Model 8 Years Required \-\- Experience with Governance Processes and Workflows 8 Years Required \-\- Experience with Stakeholder and Enablement 8 Years Required \-\- Demonstrated skill with documentation and knowledge transfer Pay: From $75\.00 per hour Work Location: Remote