Sorry, this listing is no longer accepting applications. Don’t worry, we have more awesome opportunities and internships for you.

Security Risk Program Manager

S

ServiceNow

Security Risk Program Manager

San Diego, CA
Full Time
Paid
Similar Jobs
  • Responsibilities

    Job Description

    TEAM

    The Security Risk Team at ServiceNow is chartered with facilitating the assessment of identified gaps and security risk scenarios in a consistent and collaborative fashion through the use of the FAIR methodology. Through communication and consultation with partner security teams to perform risk assessments we accurately report security risk to upper management and stakeholders throughout ServiceNow. These risk assessment and reporting efforts are critical to management decision making and prioritization for information security initiatives.

     ROLE

    We’re looking for a highly motivated, collaborative and technically experienced Security Risk Program Manager who has the ability to understand cloud operational and security processes, effectively communicate ServiceNow’s security risks, and facilitate agreement and understanding of risks within the organization. The successful candidate should be reliable, resourceful and has a “can-do” attitude.

    You will be a key member of our Security Team and play an important role in assessing and prioritizing security risk for the most innovative technology company in our class. In this role, you will be required to demonstrate ability to analyze difficult problems, think out-of-box and provide pragmatic solutions and recommendations.  The Security Risk Program Manager will leverage the FAIR methodology to measure and report on risks associated with confidentiality, availability or integrity for all of ServiceNow business systems, identified gaps, controls and business processes.

    WHAT YOU GET TO DO IN THIS ROLE:

    • Lead or assist with risk articulation and evaluation efforts through the FAIR methodology
    • Collaborate cross-functionally across the security organization to facilitate agreement and understanding of risk ratings for identified gaps and risk scenarios
    • Develop senior leadership and board level reporting presentations and dashboards
    • Assist program management teams in articulating benefit of projects and solutions through quantifiable risk reduction
    • Leverage the ServiceNow platform for day-to-day activities to provide feedback to our product team and build an amazing story we can tell our customers
  • Qualifications

    Qualifications

    IN ORDER TO BE SUCCESSFUL IN THIS ROLE, WE NEED SOMEONE WHO HAS:

    • 7+ years working in the field of information security or risk management
    • Prior experience of working in the Security or Risk Teams at a SaaS/Cloud company or with Security & Risk practice of a Big 4 firm
    • Direct and recent working experience with the FAIR methodology and NIST 800-53
    • Relevant professional certifications such as OpenFAIR, CRISC, CISSP, CISA, CISM
    • Ability to manage security and risk management projects
    • Prior experience with GRC systems, with ServiceNow and RiskLens being a plus
    • Ability to understand the intent of business and security requirements to provide effective and meaningful analysis
    • Excellent report writing skills, ability to prepare risk management reports and associated metrics
    • Excellent verbal and written communication skills

    Additional Information

    ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.

    If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at talent.acquisition@servicenow.com for assistance.

    For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.

    Please Note: Fraudulent job postings/job scams are increasingly common. Click here to learn what to watch out for and how to protect yourself. All genuine ServiceNow job postings can be found through the ServiceNow Careers site.