Senior Manager, IT Risk Management and Compliance

at

ServiceNow

San Francisco, CA
Full Time
3y ago

Company Description

ServiceNow is making the world of work, work better for people. Our cloud‑based platform and solutions deliver digital workflows that create great experiences and unlock productivity for employees and the enterprise. We're growing fast, innovating faster, and making an impact on our customers' and employees' lives in significant and important ways. With over 6,900 customers, we serve approximately 80% of the Fortune 500, and we're on the 2020 list of FORTUNE World's Most Admired Companies.®

We’re looking for people who are ready to jump right in and help us build on our incredible momentum, our diverse, engaged workforce, and our purpose to make the world of work, work better.

Learn more on Life at Now blog and hear from our employees about their experiences working at ServiceNow.

Job Description

Responsibilities: 

  • Manage IT controls library that should include all IT requirements and controls 

  • Serve as the primary contact for Internal Audit, Risk, Compliance 

  • Work closely with IT, Internal Audit, Risk, Compliance, and external audit partners to plan the audit calendar and coordinate audit requests 

  • Develop and implement IT risk and compliance policies, processes and procedures 

  • Conduct IT risk and compliance assessments 

  • Liaise between IT control owners and auditors to confirm control deficiencies and corrective actions. Monitor implementation of corrective actions and issues 

  • Proactively communicate IT environment changes to IA to assess changes in internal controls and scope. Oversee implementation of internal control changes. 

  • Provide guidance to all levels of IT organization regarding matters of risk 

  • Maintain a current understanding of industry best practices. 

  • Monitor the execution of IT’s Risk Management and compliance roadmap 
    Create and distribute key compliance and risk metrics 

  • Lead special IT risk and compliance projects 

  • Identify, recommend and implement process improvement 

Qualifications

To be successful in this role, we need someone who has: 

  • Consulting experience at a big four firm managing risk management and compliance programs and practice is preferred 

  • Familiarity with the audit concepts of internal controls identification, design, reviews of operating effectiveness, and how IT controls relate to financial reporting. 

  • Experience conducting IT risk and compliance assessments  

  • Experience developing and implementing IT risk and compliance policies, processes and procedures 

  • Excellent organizational, multi-tasking, project management, and critical thinking skills. 

  • Excellent written/verbal communications skills and attention to detail. 

  • Ability to collaborate across functions and drive timely completion of deliverables 

  • Minimum 10+ years of experience in IT with 5 years in a broad IT role implementing complex control, risk, compliance, and governance programs as well as experience conducting IT audits 

  • Certifications in Security, Audit and Risk Management  

  • Extensive experience with national and international compliance requirements/standards such as SOX, ITGC, NIST, Mitre, FAIR, SOC 2, PCI, HIPAA, BSIMM. 

  • Bachelor's degree required in Information Technology, Computer Science, or business-related discipline, Master’s degree a plus 

  • Knowledge of Governance, Risk and Compliance (GRC) technological tools and methodologies and knowledge of ServiceNow GRC is a plus 

Additional criteria: 

  • Problem-solving skills with the ability to turn findings into executable plans. 

  • Track record of identifying the need for and driving beneficial change; practices continuous improvement 

  • Demonstrated ability to build trust and strong cross-functional relationships across an organization to achieve common goals 

  • Excellent verbal and written communication skills with ability to have critical conversations 

  • Strong business acumen and demonstrated sound business judgment. 

  • Ability to effectively prioritize workload 

 

Additional Information

ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.

If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at [email protected] for assistance.

For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.

Please Note: Fraudulent job postings/job scams are increasingly common. Click here to learn what to watch out for and how to protect yourself. All genuine ServiceNow job postings can be found through the ServiceNow Careers site.

Apply for this job

Click on apply will take you to the actual job site or will open email app.

Click above box to copy link
Copied
Get exclusive remote work stories and fresh remote jobs, weekly 👇
View all remote jobs
Onkar By: Onkar