Must Haves:
- Proficiency with ServiceNow GRC & IRM modules (including but not limited to policy & compliance, integrated risk, & vendor risk)
- Minimum of 4 years of experience in GRC & Risk Management, with specific ServiceNow GRC/IRM knowledge
- Strong understanding of various cybersecurity and vulnerability processes
- Bachelor's degree
Plusses:
- Certifications: Relevant certifications (e.g., ServiceNow Certified)
Responsibilities:
1. Design and Implementation
- Work with legal and business representatives to identify and document governance (regulatory and business driven) and protection policies, standards, processes, and controls.
- Architect solutions that control, report, and integrate key telemetry into security operations
- Handles assigned tasks related to security governance documentation, reporting, etc.
- Develop, report against, and audit controls supporting the policies and standards defined
2. Operational Excellence
- Identifies and develops a set of KPIs to measure effectiveness
- Assists management in the control, establishment, and enforcement of security for network and infrastructure technology, desktops, and end-users
3. Qualifications
- Strong understanding of governance regulations (GDPR, CCPA, PCI-DSS) as well as security frameworks (NIST, ISO)
- Proficiency with ServiceNow GRC & IRM modules (including but not limited to policy & compliance, integrated risk, & vendor risk)
- Reporting technology that integrates information from several risk and security technologies
- Knowledge of critical security domains including End-Point, Vulnerability, Network, Identity, and Backup
- Experience with Microsoft Information Protection and O365 data protection capabilities, including within SharePoint, Teams, OneDrive, and email