Risk & Compliance Analyst
Skills
About This Role
Overview
Risk & Compliance Analyst – Risk Register Management
Domain: Governance, Risk & Compliance (GRC) \| Risk Register \| Framework Alignment
Contract: 12-month engagement \| Operational from Week 2
We are seeking a
Risk & Compliance Analyst
to take ownership of the enterprise
Risk Register
, ensuring it remains a living, authoritative source of truth for all information security and technology risks.
This role sits at the heart of the organisation’s
Governance, Risk & Compliance (GRC)
function, translating technical security findings into structured, business-owned risk decisions aligned to
NIST CSF 2.0, ISO 27001, NIST SP 800-37 RMF, and UAE Information Assurance (UAE IA)
requirements
.
You will ensure risks are consistently captured, properly assessed, actively managed, and clearly reported to executive stakeholders.
Key Responsibilities
- Own and maintain the
- enterprise Risk Register
- as the single source of truth for all security and technology risks.
- Facilitate
- risk identification workshops
- with technical teams, business stakeholders, and control owners.
- Define and document risks using a structured format:
- threat × vulnerability × asset × impact
- .
- Perform and maintain
- inherent and residual risk scoring
- , including tracking risk acceptance decisions.
- Ensure every risk has a clearly defined
- owner, treatment plan, and review cycle
- .
- Coordinate
- periodic risk reviews
- and ensure remediation progress is tracked to closure.
- Map risks to relevant frameworks including:
• Nist Csf 2.0 (Gv.Rm, Gv.Rr)
- ISO 27001 controls
- UAE IA requirements
• NIST SP 800-37 Risk Management Framework
- Produce
- risk heatmaps, trend analysis, and monthly executive dashboards
- .
- Integrate inputs from
- vulnerability management, penetration testing, audit findings, security incidents, and policy exceptions
- into the Risk Register.
- Ensure risk data is audit-ready and supports regulatory and internal assurance requirements.
Core Outcomes
- A complete, accurate, and defensible enterprise Risk Register
- Every material risk has an accountable owner and active treatment plan
- Executive reporting provides clear visibility of risk posture and trends
SMART Milestones
- **Within 30 days:**
- Baseline the existing Risk Register, identify gaps, stale entries, and inconsistencies.
- **Within 60 days:**
- Complete a full refresh cycle ensuring all risks have owners, treatment status, and review dates.
- **Within 90 days:**
- Deliver first executive risk dashboard and heatmap; integrate vulnerability, pentest, and audit inputs.
- **Ongoing:**
- Ensure 100% of material risks are reviewed at least quarterly with zero orphaned risks.
Tools & Platforms
- Excel / SharePoint (Risk Register management)
• Jira / Confluence / YouTrack
- Integration with security tooling outputs (VM, pentest, audit, incident tracking systems)
Required Skills & Experience
- 3+ years’ experience in
- GRC, risk management, cybersecurity governance, or similar roles
- Hands-on experience with Risk Registers or equivalent enterprise risk tooling
- Strong understanding of
- NIST CSF 2.0, ISO 27001, MITRE ATT&CK, and UAE IA regulations
- Ability to perform structured risk analysis and scoring methodologies
- Experience working with cross-functional technical and business stakeholders
- Strong communication skills with the ability to present to both engineers and executive leadership
- Experience integrating security findings from VM, audit, and pentesting processes
- Please apply to be contacted with further information.
Your resume, rewritten
for this exact role.
Sign up free — Base Career tailors your CV to this job description in 60 seconds.
01 / 05
Resume Tailored to This Job
Your keywords, structure, and story — rewritten to match this exact role and pass ATS filters.
Free · No card · 60 seconds
02 / 05
Cover Letter for This Role, Done
Job-specific cover letters written in Gulf professional tone — ready in seconds, not hours.
Free · No card · 60 seconds
03 / 05
See How Well You Fit This Role
AI match score with clear reasons — know your fit before investing time in the application.
Free · No card · 60 seconds
04 / 05
Apply in One Click
Autofill any application form on Workday, LinkedIn, Bayt, Greenhouse — with your tailored content.
Free · No card · 60 seconds
05 / 05
Track It. Follow Up at the Right Time.
Visual pipeline for every application with AI-timed follow-up reminders so nothing slips.
Free · No card · 60 seconds
Similar Jobs
Principal Security Consultant (Risk & Resillience)
AESG · Dubai
Due to the continuing success and growth of our AESG team, a fantastic opportunity has opened up at our award-winning Specialist Consultancy, Engineering and Advisory Firm. We are headquartered in London, Riyadh, Singapo
Skills
3 days ago
Apply Now↗Apply Now ↗Analyst / Senior Analyst – Business Risk & Due Diligence
Innovations Global · Dubai
Responsibilities: Research –Research on companies and gather all data related to its business operations, sanctions, adverse media, related entities, and UBO. Document Validation – Verify the relevant documents receive
Skills
3 days ago
Apply Now↗Apply Now ↗Director - Governance, Risk & Compliance (GRC) | Dubai, UAE
Moove · Dubai
About Moove Moove is building the world’s largest fleet and best-in-class technologies that power mobility platforms. Its flagship Drive-to-Own (DTO) product democratises access to vehicle ownership with a revolutionary
Skills
3 days ago
Apply Now↗Apply Now ↗Director - Governance, Risk & Compliance (GRC) | Dubai, UAE
Moove · Dubai
About Moove Moove is building the world’s largest fleet and best-in-class technologies that power mobility platforms. Its flagship Drive-to-Own (DTO) product democratises access to vehicle ownership with a revolutionary
Skills
4 days ago
Apply Now↗Apply Now ↗Risk & Compliance Analyst Risk Register Management
Client of Salt · Abu Dhabi
Responsible for managing the enterprise Risk Register, coordinating risk assessments, and producing executive-level reporting in cybersecurity risk management.
Skills
5 days ago
Apply Now↗Apply Now ↗Lead, FX Exposure Product Risk & Control
World Kinect Corporation · Dubai
**At World Kinect, our employees are the key to our global success. We are industry leaders due to the innumerable talents of our approximately 5000 strong professional team. Our people thrive in an entrepreneurial and c
Skills
5 days ago
Apply Now↗Apply Now ↗Lead, FX Exposure Product Risk & Control
World Fuel Services · Dubai
**At World Kinect, our employees are the key to our global success. We are industry leaders due to the innumerable talents of our approximately 5000 strong professional team. Our people thrive in an entrepreneurial and c
Skills
5 days ago
Apply Now↗Apply Now ↗Lead Technical Risk & Safety Engineer-Abu Dhabi, UAE
SEGULA Technologies · Abu Dhabi
Company Description Do you want to shape the world of tomorrow and work on innovative projects? Then you're a good fit for us! We are a global engineering group with 15,000 employees and 140 locations worldwide. With our
Skills
1 weeks ago
Apply Now↗Apply Now ↗GRC Specialist – Governance, Risk & Compliance
Dicetek LLC · Dubai
Support implementation of Governance, Risk, and Compliance frameworks, ensuring compliance with regulations, and enhancing AI governance practices across the organization.
Skills
1 weeks ago
Apply Now↗Apply Now ↗2.2K+
Cover Letters & Follow-ups
1.8K+
Resumes Tailored
190.5K+
Jobs Tracked
Trusted by professionals at
Stop applying blindly.
Start getting hired.
Base Career automates the hardest parts of job searching — apply smarter, not harder.
AI Resume in 60s
Your resume rewritten for this exact role using the job description as the brief.
ATS-Optimized
Get past automated screening filters with the right keywords matched to each job.
Application Tracker
Track every job, follow-up, and interview in one visual kanban board.
Free plan · No credit card required