Cybersecurity Audit Manager
ServiceNow is changing the way people work. With a service-orientation toward the activities, tasks and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever before. We’re disruptive. We work hard but try not to take ourselves too seriously. We are highly adaptable and constantly evolving. We are passionate about our product, and we live for our customers. We have high expectations and a career at ServiceNow means challenging yourself to always be better.
We are looking for an experienced Cybersecurity Audit Manager to join our Internal Audit function. We have a tight team environment where support, loyalty, and honest feedback are the currency. ServiceNow employees are expected to be self-starting, proactive, and able to thrive in a fast-paced environment.
What you get to do in this role
- Lead risk-based cybersecurity audits including performing risk assessments, process reviews, advisory services, and product engineering security reviews with minimal oversight
- Provide value-added insights and recommendations to improve the security posture and operational efficiency of our corporate and cloud environments, as well as our product
- Mentor and provide leadership to audit staff and interns
- Actively manage relationships with business partners and co-workers
- Serve as technical resource for cyber-focused technical areas such infrastructure, network security, secure development, vulnerability management, cloud computing, and the ServiceNow platform
In order to be successful in this role, we need someone who has
- Minimum four-year degree from an accredited university; Bachelor’s degree in Computer Science, Management Information Systems, Cybersecurity, or related discipline
- Minimum Experience Required: 6+ Years work experience in technology audit, information security engineering, IT governance risk and compliance, or related areas, preferably within the technology industry. Big 4 Experience strongly preferred
- Require candidates with one of the following certifications: CISSP, OSCP, CCSK.
- Prefer candidates with exposure to a high growth and/or rapidly changing technology enterprise
- Technical skills required:
- Strong understanding of cybersecurity processes and concepts (e.g. vulnerability management, security governance, software development, incident response, physical security, auditing and logging, micro segmentation, secure access service edges, zero trust architecture, PKI, penetration testing) as well as application controls and segregation of duties
- Advanced understanding of internal controls and the demonstrated ability to evaluate and determine the adequacy of control design and operating effectiveness
- Knowledge and experience with professional standards, including NIST 800-53, NIST Cybersecurity Framework, COBIT, ITIL
- Experience with SAP, Workday, Azure, AWS, Palo Alto Networks, zScaler, Illumio, Splunk, Python, ServiceNow a plus
- Experience in leading audits/assessments, performing risk assessments and system implementation reviews, as well as controls design reviews and testing in an international organization
- Exceptional skills in using Excel;
- Soft skills required:
- Excellent verbal, written, oral communication and presentation skills
- Outstanding critical thinking and analytical skills; ability to identify root cause of identified issues
- The ability to present audit issues to management in an easily digestible manner
- Ability to work both independently and as a team member
- Can prioritize and manage multiple tasks concurrently in an efficient and effective manner with minimal supervision
We provide competitive compensation, generous benefits and a professional atmosphere. This is a very collaborative and inclusive work environment where individuals strong on aptitude and attitude will have an opportunity to grow their professional careers through working with some of the most advanced technology and talented developers in the business.
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at [email protected] for assistance.