Director of Digital Technology - GRC

Summary

Join ServiceNow as Director of Digital Technology GRC and develop, implement a comprehensive GRC program for the organization's IT environment. You will execute a strategic roadmap for advanced Technology & Security architecture, drive key compliance programs, and architect technical controls across emerging risk priorities. Collaborate with Legal, Privacy, and Data Security teams to ensure adherence to requirements. Lead the design and execution of ServiceNow’s Internal AI Governance program. Integrate GRC requirements into the DT risk management framework. Act as a technical advisor to stakeholders, communicating complex issues and recommendations. Govern and enforce compliance through ongoing control testing and monitoring using the ServiceNow IRM platform.

Requirements

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI’s potential impact on the function or industry
• 12+ years of related experience, with at least 5+ years of hands-on leadership experience in the Technology Governance Risk and Compliance field
• Deep understanding of certification and attestation programs including SOX-404, EU AI Act, NIST AI RMF, NIST-CSF, Global Statutory Audit requirements, ISO standards, and other relevant regulations and standards
• Demonstrated ability to build out scalable compliance systems and processes for complex environments and regulations
• Demonstrated ability to build and lead product development and implementation of ServiceNow’s IRM (Integrated Risk Management) platform and tooling
• Deep understanding of GRC principles, methodologies, and industry best practices
• Self-motivated, self-directed, and able to thrive in a fast-paced environment with a passion to make an impact
• Ability to work across the organization to evangelize and influence company IT compliance and governance efforts
• Demonstrated ability to interface successfully with customers and engineering teams in critical and challenging audits and conversations
• Strong leadership skills, strategy, analytical, problem solving, decision-making; and ability to work under minimum direction
• Prior experience at a SaaS, PaaS or IAAS Cloud company
• Master’s degree or related experience; certifications highly regarded
• Willing to travel up to 20%+ is required

Responsibilities

• Develop & and execute a strategic roadmap for advanced Technology & Security architecture, controls, and solutions across applications, networks, and cloud environments
• Drive key Technology, Security, and Data compliance programs in support of the Digital Technology (corporate IT) organization
• In addition to IT and Security, architect and deploy technical controls across new GRC emerging risk priorities such as, Third Party Risk and Resiliency (BC/DR) programs including cross functional support, coordination and oversight of the programs
• Partner closely with Legal, Privacy, and Data Security & Governance teams to develop corresponding GRC programs within the DT organization, ensuring adherence to requirements through ongoing monitoring and validation of DT controls and supporting processes
• Lead the design, implementation and ongoing execution of ServiceNow’s Internal AI Governance program aimed at driving compliant and risk-based controls across the development, testing, deployment, and monitoring of AI systems across the ServiceNow corporate environment
• Integrate GRC requirements into all elements of the DT risk management framework and supporting control and issue management programs
• Act as a technical advisor to stakeholders, communicating complex IT, Security, Data, AI, TPRM, and Resiliency issues, risk impacts, and recommendations for incident response and risk mitigation
• Govern and enforce ongoing adherence and compliance against requirements through ongoing control testing, continuous controls monitoring and automation using the ServiceNow IRM platform

Preferred Qualifications

• Experience with Government and Regulated Markets mandates including regulator management and interaction is a plus
• Understanding of Federal compliance certifications and requirements such as NIST 800-53 and FedRAMP is a plus