Senior Information Security & Compliance Analyst
ServiceNow is changing the way people work. With a service-orientation toward the activities, tasks and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever before.
We’re disruptive. We work hard but try not to take ourselves too seriously. We are highly adaptable and constantly evolving. We are passionate about our product, and we live for our customers. We have high expectations and a career at ServiceNow means challenging yourself to always be better.
What you get to do in this role:
We’re looking for a highly motivated, collaborative and technically experienced Sr. Information Security & Compliance Analyst with ability to: understand operational and security processes, effectively communicate ServiceNow’s risks, and drive remediation/changes within the organization. The successful candidate should be reliable, resourceful and have a “can-do” attitude.
You will be a key member of our team and play an important role in defining the Security and Compliance framework for a leading cloud company. In this role you will be required to demonstrate ability to analyze difficult problems, think out-of-box and provide pragmatic solutions and recommendations. ServiceNow current compliance initiatives are focused on, but not limited to ISO 27001, ISO 27018, ISO 9001, FedRAMP, DoD IL4, ASD IRAP, Singapore MTCS,PCI, SSAE 16, SOC 2, HIPAA, 21 CFR Part 11, GDPR and NERC CIP. The Senior Information Security and Compliance Analyst will be involved in driving and measuring compliance for the business systems, control area, process, and product for company compliance initiatives.
Responsibilities:
- Assist in the successful completion of risk assessment activities for Commercial or Federal offerings
- Assist in driving remediation for the ServiceNow POA&M
- Drive remediation activities across various teams within the organization
- Drive integration of remediation efforts with the risk management process
- Contribute by enhancing and maturing the risk framework
- Perform regulation and standard gap analysis and prepare summary reports
- Perform activities to help measure and monitor compliance with company policies and procedures
- Facilitate customer request and information gathering for audit activities
- Help our customers and employees understand ServiceNow’s security and compliance control environment
- Contribute in enhancing our GRC tool to address risk management and compliance business needs
In order to be successful in this role, we need someone who has:
- 3+ years working in the field of compliance or security
- Prior work experience in a a SaaS/Cloud company Security and Compliance group or Security & Risk practice of a Big 4 firm
- Direct and recent work experience with at least two of the following compliance program: ISO 27001, ISO 9001, PCI, SSAE16, SOC2, HIPPA, 21 CFR Part 11, 21 CFR Part 820, Annex 11, FedRAMP, DoDI 8500.2, and GDPR.
- Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
- Excellent report writing skills, ability to prepare compliance reports and associated metrics
- Excellent verbal and written communication skills
Candidates must be able to meet all US Federal government security screening requirements as indicated: Federal security screening requirements call for applicant to verify U.S. Citizenship. Additional screening requirements may include, but not limited to: specialized agency background checks (either national or local), fingerprinting, as well as the ability to obtain a government Public Trust Position (PTP) suitability.
Work Environment
We provide competitive compensation, generous benefits and a professional atmosphere. This is a very collaborative and inclusive work environment where individuals strong on aptitude and attitude will have an opportunity to grow their professional careers through working with some of the most advanced technology and talented developers in the business.
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at (408) 501-8550, or [email protected] for assistance.