Risk and Compliance Analyst | 22705

Engineering, Infrastructure and Operations Santa Clara, California San Diego, California


Risk and Compliance Analyst

Audit Risk & Compliance, Risk and Remediation Team

Location(s): Santa Clara, CA or San Diego, CA

Reports to: Manager, Security Risk Management

ServiceNow is changing the way people work. With a service-orientation toward the activities, tasks and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever before. 

We’re disruptive.  We work hard but try not to take ourselves too seriously.  We are highly adaptable and constantly evolving.  We are passionate about our product, and we live for our customers.  We have high expectations and a career at ServiceNow means challenging yourself to always be better.

About the role:

As a Risk and Compliance Analyst, you will be a key member of our Risk and Remediation Team and play an important role in defining the Security and Compliance framework for a leading cloud company. We are looking for a highly motivated, collaborative, and technically experienced individual with the ability to understand cloud operational and security processes and effectively communicate risks, driving remediation throughout the organization.

This position will work closely with internal business units and external customers, reporting to the Manager, Security Risk Management, as part of the Audit Risk & Compliance Team. This position will help support Security and Compliance efforts across the enterprise.

What you will be doing:

  • Assist with successful completion of risk assessment activities
  • With the support of your manager, successfully project-manage and drive remediation activities across various teams within the organization
  • Assist with driving integration of remediation efforts within the risk management process
  • Contribute by enhancing and maturing the existing Risk Management framework and processes
  • Facilitate customer requests and information gathering for audit activities
  • Help our customers understand ServiceNow’s security and compliance control environment
  • Contribute to enhancing our Governance, Risk and Compliance (GRC) tool to meet compliance business needs
  • Develop/Enhance dashboards for management level reporting

What we seek:

  • Bachelor’s degree required, and 5+ years of experience in compliance or Information Security
  • Direct and recent work experience with at least two of the following compliance programs or frameworks: ISO 27001, NIST RMF, COSO, DoDI 8500.2, IRAP, PCI, HIPAA, NERC CIP
  • Relevant professional certifications such as: CISSP, CRISC, CISA, CISM, CIPP, GIAC, PMP
  • Ability to manage security and compliance projects
  • Prior experience with GRC systems
  • Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
  • Excellent report writing skills; ability to prepare risk and compliance reports and associated metrics
  • Excellent verbal and written communication skills
  • Possess a Growth Mindset, eager to learn and share with others
  • The flexibility and agility to handle multiple, simultaneous projects in a fast-paced, ambiguous, dynamic environment with fluid objectives and priorities


ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, national origin, age, disability, gender identity, or veteran status. If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at (408) 501-8550, or talent.acquisition@servicenow.com for assistance.