1. Home
  2. Jobs
  3. Client of Salt
  4. Risk & Compliance Analyst Risk Register Management
Cybersecurity Onsite

Risk & Compliance Analyst Risk Register Management

Client of Salt
Morocco - Morocco Listed 1 month ago 3+ years via Naukrigulf
python cybersecurity penetration testing security

Job Description Roles & Responsibilities You will be responsible for maintaining the enterprise Risk Register as the central source of truth for cybersecurity risk management across the organisation. Working closely with Security Operations, Engineering, Audit, Vulnerability Management, and business stakeholders, you will coordinate risk assessments, track treatment plans, maintain risk ownership, and provide executive-level risk reporting and governance support. This role is critical in ensuring that security findings from vulnerability management, penetration testing, incidents, audits, and exception processes are translated into a coherent and actionable enterprise risk picture. Key Responsibilities: Maintain and manage the enterprise Risk Register as the authoritative source for cybersecurity risks Facilitate risk identification workshops with both technical and business stakeholders Document risks using structured and consistent methodologies across threat, vulnerability, asset, and business impact dimensions Assess and score inherent and residual risks using agreed enterprise risk methodologies Track risk acceptance decisions, treatment plans, mitigation progress, and review timelines Ensure every material risk has an accountable owner and defined remediation strategy Coordinate periodic risk reviews and governance activities across stakeholders Map risks against: NIST CSF 2.0 ISO 27001 controls UAE IA requirements NIST RMF practices Produce executive-level reporting including: Risk heatmaps Trend analysis Governance dashboards Risk posture reporting Integrate risk inputs from: Vulnerability Management Penetration testing Audit findings Security incidents Exception management processes Support audit readiness and evidence management activities Desired Candidate Profile Technical & GRC Experience Minimum 3+ years of hands-on experience in cybersecurity risk management or GRC functions Experience managing enterprise Risk Registers and governance workflows Strong familiarity with: NIST CSF 2.0 ISO 27001 NIST SP 800-37 RMF MITRE ATT&CK UAE IA Regulation Experience working with: Excel / SharePoint Jira Confluence YouTrack Understanding of enterprise security operations, vulnerability management, and audit processes Strong analytical and reporting capability Technical Skills Scripting or automation capability using Python, Bash, or PowerShell is advantageous Experience creating dashboards, heatmaps, and governance reporting Certifications Relevant certifications are highly desirable, including: CISSP CISM CRISC GCIH CCSP ISO 27001-related certifications Soft Skills Excellent written and verbal communication skills Strong stakeholder engagement and facilitation capability Ability to communicate effectively with both technical teams and executive leadership High attention to detail with strong organisational skills Ability to manage competing priorities in a fast-paced enterprise environment Company Industry IT - Software Services Department / Functional Area IT Software Keywords Risk & Compliance Analyst Risk Register Management Get real-time job updates only on our App

Ready to apply?

You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.

Apply Now

Opens the employer's site in a new tab

  • CompanyClient of Salt
  • LocationMorocco - Morocco
  • CategoryCybersecurity
  • SourceNaukrigulf
  • Listed1 month ago

Related Cybersecurity jobs

More Cybersecurity