Senior Director, Cloud Governance, Compliance & Audit
Job Title: Sr Director, Cloud Governance, Compliance & Audit
Company
Work matters. It’s where we spend a third of our lives. And the workplace of the future is going to be a great place. We’re dedicated to bringing that to life for people everywhere. That’s why we put people at the heart of everything we do.
People matter. Our people have a passion for learning, building, and innovating. Whether you’re an engineer, a sales professional, a finance professional, or anything in-between, our roles aim to provide each person with meaningful impact and plenty of space to grow.
Role
The Sr Director, Cloud Governance, Compliance & Audit (CGC&A) will report to the VP, Audit, Risk, & Compliance and be responsible to lead the CGC&A team which includes teams for product government cloud compliance, global commercial cloud compliance, and customer audits. This role will collaborate with teams across the organization including Security, Product, Engineering, Legal, and Finance to ensure ServiceNow products and services address ServiceNow compliance requirements, customers’ expectations, and that controls are designed and operating as intended in the environment.
What you get to do in this role:
- Establish best in class processes and operations for managing and monitoring compliance at the cloud Application, Platform, and Infrastructure levels in both our Government & Commercial cloud environments
- Lead Government compliance teams through maintaining existing Fedramp High and DOD IL4 certifications and obtaining DOD IL5 certification
- Lead international cloud compliance teams through new certifications targeted in strategic markets for the organization
- Lead strategy and execution of the cloud Common Control Framework (CCF) and Continuous Control Monitoring (CCM) programs to address current domains (i.e. Security, Privacy, Quality, Sustainability and Accessibility) and third party attestations/certification (i.e. ISO 27001, ISO 27017, ISO 27018, ISO 27701, SOC 1, SOC 2, MTCS, IRAP, German C5 and more)
- Drive system and process transformation to scale cloud compliance programs with growth of ServiceNow
- Develop and maintain organization policy and procedures that drives key activities
- Drive a significant change request process along with cloud risk management teams to identify new product applications, features, and functionality to ensure timely inclusion in compliance programs and certifications
- Develop and lead new domain/certification ingest process for new standards, regulations and/or other requirement sets presented to address regulated markets, risk mitigation and/or company forward thinking
- Provide training and awareness to key stakeholders across engineering & security organizations
- Further develop the global customer audit program to scale demand and resources, and partner with international geographies on the execution of customer audits
In order to be successful in this role, we need someone who has:
- 15+ years related experience, with 10+ years of hands on leadership experience in Governance Risk and Compliance fields
- Deep understanding of commercial and US Federal Government certification and attestation to include Fedramp, DOD IL4/5, SSAE16 SOC 1, SOC2, PCI DSS, , ISO 27001, ISO 27701, Singapore MTCS, Australia IRAP
- Experience and demonstrated understanding of other global cloud certifications such as German C5, France HDS, France SecNumcloud, India Meity, and S. Korea KISMS is a plus
- Demonstrated ability to build out scalable compliance systems and processes for complex environments and regulations
- Deep understanding of compliance audit testing and design of test
- Self-motivated, self-directed, and able to thrive in a fast-paced environment with a passion to make an impact
- Ability to work across the organization to evangelize and influence company compliance efforts
- Strategic thinking to create vision, and influence company strategic priorities as it relates to compliance in our cloud environment
- Demonstrated ability to interface successfully with customers in critical and challenging audits and conversations
- Strong leadership skills, strategic, analytical, problem solving, decision-making; works under minimum direction
- Prior experience at a SaaS, Paas or IAAS Cloud company
- Master’s degree or related experience; certifications highly regarded
- Willing to travel up to 25%+ is required
EEOE Statement Section
ServiceNow’s EEOE statement is automatically added to each U.S. based job description.
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at (408) 501-8550, or [email protected] for assistance.