Senior Cloud Compliance Manager | 31668
Job Title: Senior Cloud Compliance Manager
Internal: Senior Specialist, Customer Audit and Industry Vertical Compliance
Work matters. It’s where we spend a third of our lives, and fortunately, the workplace of the future is going to be a great place. We’re dedicated to bringing that to life for people everywhere. That’s why we put people at the heart of everything we do.
People matter. Our people have a passion for learning, building, and innovating. Whether you’re an engineer, a sales professional, a finance professional, or anything in-between, our roles aim to provide each person with meaningful impact and plenty of space to grow.
The Senior Specialist, Customer Audit and Industry Vertical Compliance, will be responsible for contributing to and executing on the audit and certification strategy as defined by Audit Risk and Compliance leadership. This consists of managing customer audit interaction of ServiceNow’s cloud platform and infrastructure with third-party/customer auditors of major customer accounts within regulated markets (e.g. Financial Services, Healthcare & Life sciences, Public Sector, Energy and Utilities).
This role will also support ServiceNow’s European regional strategy related to regulated market certification, regulatory framework adherence, and attestations (e.g. European Banking Authority Regulation and Policy – EBA, French Hébergeurs de Données de Santé – HDS, EU General Data Protection Regulation – GDPR).
This individual will support the analysis and adoption of new and existing European regulatory and compliance programs as directed by ServiceNow leadership. This role will work collaboratively with members of the Enterprise Risk, Compliance Engineering, Sales, Security, Industry Vertical, Go-To-Market, Product, and Operations teams. This role will also design and effectively monitor ServiceNow’s controls by understanding intent and implementation of controls, as well as drive changes within the organisation through effective gap analysis and testing. The successful candidate must be reliable, resourceful and have a “can-do” attitude.
What you get to do in this role:
- Support and manage various customer audit engagements with large global customers and European regulatory programs including HDS, EBA, GDPR, and more.
- Develop and maintain relationships with industry regulators and customer audit and account teams. Provide meaningful input and insight in addressing regulatory and compliance requirements with new and innovative cloud technologies and implementations.
- Perform activities to help measure and monitor compliance with company policies and procedures.
- Provide insight on feature requests and bug fixes to product, infrastructure, risk, and remediation engineering teams as output from customer audit and regulatory engagements.
- Facilitate customer and certifier requests and information gathering for audit activities and manage interactions for onsite and remote audits.
- Successfully project manage and drive control design and testing activities across various teams within the organisation and for existing / new system infrastructures and architectures.
- Contribute to enhancing our GRC tool and processes to meet compliance business needs.
In order to be successful in this role, we need someone who has:
- Minimum 7 years working in the field of compliance or audit
- Practical working involvement, and successful history of facilitating and delivering Financial Services related certifications, audits, or regulatory frameworks (PCI-DSS, EBA, MAS, NYDFS, SEC Rule 17a-4(f), FISC) or Healthcare related certifications, audits, or regulatory frameworks (HIPAA, HITRUST, GxP)
- Deep understanding or aptitude to learn common certifications and attestations including ISO 27001, PCI-DSS, SSAE18 SOC 1, SOC2, HITRUST, ISO 27701
- Prior experience of working in the Security and Compliance group at a Financial Institution, SaaS/Cloud company, or with Security & Risk practice of a Big 4 firm.
- Relevant professional certifications such as CISSP, CISA, CISM, CIPP, GIAC, PMP
- Strong organisational skills, attention to detail and ability to multitask
- Prior experience with GRC systems
- Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
- Excellent verbal and written skills
- Be able to work effectively with other members of the GRC organisation to drive results, to include a remote team
We provide competitive compensation, generous benefits and a professional atmosphere. This is a very collaborative and inclusive work environment where individuals strong on aptitude and attitude will have an opportunity to grow their professional careers through working with some of the most advanced technology and talented developers in the business.
ServiceNow is an equal opportunity employer, committed to building a diverse and inclusive company where employees feel that they belong. This means that individuals seeking employment at ServiceNow are considered without regard to race, colour, religion or belief, sex, sexual orientation, gender identity, pregnancy, national origin, age, disability, or any other characteristic protected by law. If you are an individual with a disability which is likely to affect you during any part of the application process, you may contact us at [email@example.com] so that we can consider whether we can make any adjustments to the process.