Cybersecurity Risk & Governance Consultant (Remote | Contract)

🌍 Remote, USA 🎯 Full-time 🕐 Posted Recently

Job Description

Location:
100% Remote (U.S.-based candidates only)
Duration:
May 2026 – August 2026 (Extension Possible)
Schedule:
Monday–Friday, 8:00 AM – 5:00 PM CST
Hours:
Up to ~560 hours

Overview

We are seeking an experienced
Cybersecurity Risk & Governance Consultant
to design and implement enterprise-level
risk management frameworks, governance workflows, and risk register structures
.

This role is ideal for someone with strong expertise in
risk frameworks, stakeholder engagement, and governance design
, who can build scalable, audit-ready processes and enable long-term sustainability through documentation and knowledge transfer.

Key Responsibilities

    Risk Framework & Governance Design
  • Define end-to-end governance workflows for:
  • Risk identification and intake
  • Risk review and validation
  • Risk acceptance, mitigation, or transfer
  • Ongoing monitoring and reassessment
  • Establish clear roles and responsibilities across risk owners, reviewers, and governance bodies
  • Design escalation and reporting processes for high-risk and accepted risks
    Risk Register & Scoring Model
  • Develop and standardize enterprise risk register structure, taxonomy, and data definitions
  • Design risk scoring methodology, including likelihood and impact models
  • Define prioritization logic aligned with organizational risk tolerance
    Stakeholder Engagement & Enablement
  • Collaborate with cross-functional stakeholders across business, IT, security, and governance teams
  • Facilitate workshops and working sessions to validate workflows and drive adoption
  • Support onboarding of initial risks into the enterprise risk register
    Documentation & Knowledge Transfer
  • Produce clear, audit-ready documentation covering:
  • Risk register framework
  • Scoring and prioritization models
  • Governance workflows and decision authorities
  • Deliver knowledge transfer to internal teams to ensure continuity beyond the engagement
    Key Deliverables
  • Enterprise Risk Register Framework (template, taxonomy)
  • Risk Scoring & Prioritization Model (likelihood/impact scales, scoring logic)
  • Risk Governance Model (workflows, roles/responsibilities)
  • Initial Population of Risk Register (current risk posture)
  • Final Documentation Package (operating procedures and guidance)
    Required Qualifications
  • 8+ years
  • of experience inrisk management, governance, or GRC
  • Strong experience with:
  • Risk register design and frameworks
  • Risk scoring and prioritization methodologies
  • Governance workflows and operating models
  • Stakeholder engagement and cross-functional facilitation
  • Proven ability to create
  • audit-ready documentation and deliver knowledge transfer
  • Strong understanding of enterprise risk management practices (e.g., NIST-aligned frameworks)
    Preferred Qualifications
  • Experience in large enterprise or public sector environments
  • Familiarity with cybersecurity and technology risk domains
  • Strong facilitation, communication, and organizational change skills
    Work Environment
  • 100% remote within the United States
  • Standard business hours with occasional off-hours support as needed
  • No travel required unless pre-approved

Apply tot his job

Apply To this Job

Ready to Apply?

Don't miss out on this amazing opportunity!

🚀 Apply Now

Similar Jobs

Recent Jobs

You May Also Like