Advertisement

Sr. Information Security And Compliance Engineer - Federal

| Kirkland | Hybrid
Sorry, this job was removed at 10:13 a.m. (PST) on Wednesday, February 17, 2021
Find out who's hiring in Kirkland.
See all Cybersecurity + IT jobs in Kirkland
Apply
By clicking Apply Now you agree to share your profile information with the hiring company.

Please Note:

“This position requires the Public Trust Position (PTP) Tier 2 Level suitability adjudication. If offered employment, you must be willing to complete and successfully pass the adjudication process. Any employment is contingent upon obtaining the required adjudication.” 
 

Company 

Work matters. It’s where we spend a third of our lives, and fortunately, the workplace of the future is going to be a great place. We’re dedicated to bringing that to life for people everywhere. That’s why we put people at the heart of everything we do.

People matter. Our people have a passion for learning, building, and innovating. Whether you’re an engineer, a sales professional, a finance professional, or anything in-between, our roles aim to provide each person with meaningful impact and plenty of space to grow.

Role 

We’re looking for a highly motivated, collaborative and technically experienced Security and Compliance Engineer with the ability to understand cloud operations and technology to proactively monitor and identify risk, effectively communicate those risks and drive remediation/changes within the Global Cloud Service organization. The successful candidate must be reliable, resourceful and have a “can-do” attitude and demonstrate the ability to analyze difficult problems, think out-of-box and provide pragmatic solutions and recommendations. 

 

You will be responsible for the design and execution of control monitor tests (manual and automated) to ensure controls are designed and operating effectively in the environment to address ServiceNow compliance requirements. To do this you will be required to demonstrate ability to analyze difficult problems, think out-of-box and provide pragmatic solutions and recommendations. 

In this role you will work with internal stakeholders to understand compliance testing needs in order to design test cases, execute test cases and support remediation and/or mitigation efforts and validate remediation.  Additionally, you will work collaboratively across operations in support of building and executing a world-class Global Cloud Service compliance program while utilizing the ServiceNow platform. This role will report to the Sr. Director of Global Cloud Service Operations Compliance.

What you get to do in this role:

Work with engineering teams on new process, system and datacenter deployments, addressing compliance requirements as part of initial design and deployment.  Design and execute test cases as part of compliance scheduled and impromptu control monitoring.  Drive remediation and mitigation activities to ensure solution address the risk and meet the intent of the control.  Evangelize GCS compliance to drive control owner awareness and education to ensure controls are implemented, maintained and compliant. Develop and lead new domain/certification ingestion process for new standards, regulations and/or other requirement sets presented to address regulated markets, risk mitigation and/or company forward thinking. Drive efficiency in the compliance process through automation and rationalizing configuration / code-based compliance controls over manual process and controls.

 

Responsibilities:

  • Execute and continually improve to ensure a best in class compliance monitoring process for Global Cloud Services platform and infrastructure levels.
  • Design and execute compliance test plans leveraging the ServiceNow GRC application and automation.
  • Perform gap assessment of GCS operations against the ServiceNow Common Control Framework (CCF), Continuous Control Monitoring (CCM) programs and any future compliance frameworks to address current domains (i.e. Security, Privacy, Quality, Sustainability and Accessibility) and third party attestations/certification (i.e. SOX, FedRAMP, DOD IL4 & DOD IL5, PCI, ISO 27001, ISO 27701, SOC 1 & 2, Singapore MTCS, Australia IRAP, German C5 and more).
  • Communicate findings with control owners, support remediation/mitigation discussions, to ensure solutions address the finding, and validate remediation/mitigation when completed. 
  • Drive GCS compliance onboarding and significant change request process for updated or new product applications, features, deployments, and functionality to ensure control alignment at onset of change.
  • Review and provide feedback for compliance control implementation/narrative documentation.
  • Support the evangelization of compliance controls to drive control owner awareness and education to ensure GCS compliance controls are implemented, maintained and compliant.
  • Participates in external certification and customer audit events, including preparation, sample delivery, onsite facilitation and management response activities.
  • Be a point of contact for internal audit and risk teams in the identification, tracking, and resolution of GCS risk items.

 

In order to be successful in this role, we need someone who has:

 

  • 7+ years working in the field of security, compliance or audit
  • Demonstrated ability to understand the intent of compliance requirements to provide effective and meaningful analysis, test case design and remediation recommendations
  • Strong technical experience with system configuration and architecture review
  • Demonstrated ability to interface successfully with engineering teams in critical and challenging conversations.
  • Strong understanding of federal and commercial compliance certifications and attestations such as PCI, SOX, FedRAMP, DOD SRG, Australia ISMS, Singapore MTCS, German C5, France HDS and S. Korea K-ISMS
  • Excellent verbal and written communication skills
  • Self-motivated, self-directed, and able to thrive in a fast-paced environment with a passion to make an impact
  • Prior experience at a SaaS, PaaS or IaaS Cloud company.
  • Willing to travel up to 25% is required.

 

ServiceNow is an Equal Employment Opportunity Employer.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at (408) 501-8550, or [email protected] for assistance

 

 

 

ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at [email protected] for assistance.

Read Full Job Description
Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.

Technology we use

  • Engineering
    • JavaLanguages
    • JavascriptLanguages
    • ReactLibraries
    • Node.jsFrameworks
    • MariaDBDatabases
    • MongoDBDatabases
    • MySQLDatabases
    • PostgreSQLDatabases

Location

4400 Carillon Point, Floor 4, Kirkland, WA 98033

An Insider's view of ServiceNow

How would you describe the company’s work-life balance?

I am a working mom, and I appreciate the privilege of being able to work from home when I need to adjust my hours. I could be offline for two hours in the middle of the day because there's a school event for my kids. To be able to do so without the pressure of, "Oh my goodness! Now it's going to make me look bad," I don't take that for granted.

Kurdin

Manager, Strategy & Operations

What does your typical day look like?

I work in global cloud services and constantly collaborate with people–every day is different. I could be working on product design, collaborating with folks in other organizations, driving decisions, assessing technology, and talking with customers.

Bill

Distinguished Systems Architect

What does career growth look like on your team?

Since joining ServiceNow, I've built out my leadership team, and 60% are women. My goal for my team is to create opportunities and a platform to showcase the incredible impact that they're having on the business, whether that's having them lead a critical initiative with cross-functional visibility or present during a C-suite meeting.

Vanessa

President, ServiceNow.org

How do your team's ideas influence the company's direction?

In this expanding hybrid world, people conduct millions of transactions on a regular basis, creating more data and processes to manage. So, continuing to offer new solutions, while scaling to the expectations of the modern world, is a challenge we are excited to take on. We are driving new levels of productivity, automation, and innovation.

Pat

Chief Technology Officer

What are some things you learned at the company?

Sometimes, we feel a little self-conscious. We may feel intimated or too shy to share our points of view. But in order to make an impact, we need to be able to trust our voice.

Ying

Director, Product Design

What are ServiceNow Perks + Benefits

ServiceNow Benefits Overview

We make work better for people—including our own. From work environments that help us do our best work, to benefits and a culture that encourage employees to stay healthy, happy, engaged, and growing, we keep our people at the center of everything we do.

Culture
Volunteer in local community
Open door policy
Open office floor plan
Flexible work schedule
Remote work program
Diversity
Documented equal pay policy
Dedicated diversity and inclusion staff
Mandated unconscious bias training
Diversity manifesto
Mean gender pay gap below 10%
Diversity employee resource groups
Hiring practices that promote diversity
Health Insurance & Wellness Benefits
Flexible Spending Account (FSA)
Disability insurance
Dental insurance
Vision insurance
Health insurance
Life insurance
Wellness programs
Financial & Retirement
401(K)
401(K) matching
Company equity
Employee stock purchase plan
Performance bonus
Charitable contribution matching
Child Care & Parental Leave Benefits
Childcare benefits
Generous parental leave
Family medical leave
Adoption Assistance
Vacation & Time Off Benefits
Unlimited vacation policy
Generous PTO
Paid volunteer time
Paid holidays
Paid sick days
Office Perks
Commuter benefits
Company-sponsored outings
Free snacks and drinks
Company-sponsored happy hours
Onsite office parking
Onsite gym
Professional Development Benefits
Tuition reimbursement
Lunch and learns
Promote from within
Mentorship program
Online course subscriptions available

More Jobs at ServiceNow

Apply Now
By clicking Apply Now you agree to share your profile information with the hiring company.
Learn more about ServiceNowFind similar jobs like this