Security Risk Program Manager
Company Description
ServiceNow is making the world of work, work better for people. Our cloud‑based platform and solutions deliver digital workflows that create great experiences and unlock productivity for employees and the enterprise. We're growing fast, innovating faster, and making an impact on our customers' and employees' lives in significant and important ways. With over 6,900 customers, we serve approximately 80% of the Fortune 500, and we're on the 2020 list of FORTUNE World's Most Admired Companies.®
We’re looking for people who are ready to jump right in and help us build on our incredible momentum, our diverse, engaged workforce, and our purpose to make the world of work, work better.
Learn more on Life at Now blog and hear from our employees about their experiences working at ServiceNow.
Job Description
Team
The Security Risk Team at ServiceNow is chartered with facilitating the assessment of identified gaps and security risk scenarios in a consistent and collaborative fashion through the use of the FAIR methodology. Through communication and consultation with partner security teams to perform risk assessments we accurately report security risk to upper management and stakeholders throughout ServiceNow. These risk assessment and reporting efforts are critical to management decision making and prioritization for information security initiatives.
Role
We’re looking for a highly motivated, collaborative and technically experienced Security Risk Program Manager who has the ability to understand cloud operational and security processes, effectively communicate ServiceNow’s security risks, and facilitate agreement and understanding of risks within the organization. The successful candidate should be reliable, resourceful and has a “can-do” attitude.
You will be a key member of our Security Team and play an important role in assessing and prioritizing security risk for the most innovative technology company in our class. In this role, you will be required to demonstrate ability to analyze difficult problems, think out-of-box and provide pragmatic solutions and recommendations. The Security Risk Program Manager will leverage the FAIR methodology to measure and report on risks associated with confidentiality, availability or integrity for all of ServiceNow business systems, identified gaps, controls and business processes.
What you get to do in this role:
- Lead or assist with risk articulation and evaluation efforts through the FAIR methodology
- Collaborate cross-functionally across the security organization to facilitate agreement and understanding of risk ratings for identified gaps and risk scenarios
- Develop senior leadership and board level reporting presentations and dashboards
- Assist program management teams in articulating benefit of projects and solutions through quantifiable risk reduction
- Leverage the ServiceNow platform for day-to-day activities to provide feedback to our product team and build an amazing story we can tell our customers
Qualifications
In order to be successful in this role, we need someone who has:
- 7+ years working in the field of information security or risk management
- Prior experience of working in the Security or Risk Teams at a SaaS/Cloud company or with Security & Risk practice of a Big 4 firm
- Direct and recent working experience with the FAIR methodology and NIST 800-53
- Relevant professional certifications such as OpenFAIR, CRISC, CISSP, CISA, CISM
- Ability to manage security and risk management projects
- Prior experience with GRC systems, with ServiceNow and RiskLens being a plus
- Ability to understand the intent of business and security requirements to provide effective and meaningful analysis
- Excellent report writing skills, ability to prepare risk management reports and associated metrics
- Excellent verbal and written communication skills
Additional Information
ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.
If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at [email protected] for assistance.
For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.
Please Note: Fraudulent job postings/job scams are increasingly common. Click here to learn what to watch out for and how to protect yourself. All genuine ServiceNow job postings can be found through the ServiceNow Careers site.