Senior Director, Risk Management

Summary

Join ServiceNow as a Senior Director of Enterprise Risk Management to lead and evolve the global risk strategy. You will oversee enterprise risk, including operational, strategic, technology, regulatory, and third-party risks. Partner with various teams to identify and mitigate risks related to cybersecurity, AI governance, data privacy, and more. Align risk strategies with business objectives and ensure compliance with relevant regulations. Prepare and present risk assessments to the Audit Committee and executive team. Oversee incident response planning and business continuity. Develop and maintain processes for assessing and monitoring vendor risks. This role requires strong leadership, communication, and strategic thinking skills.

Requirements

• Experience in leveraging or critically thinking about how to integrate AI into work processes, decision-making, or problem-solving. This may include using AI-powered tools, automating workflows, analyzing AI-driven insights, or exploring AI’s potential impact on the function or industry
• 12+ years of experience in risk management, with at least 5 years in a senior leadership role within the technology or SaaS sector
• Deep understanding of technology-driven risk, including AI, cloud security, and platform reliability
• Strategic thinking with hands-on experience building scalable global ERM or GRC programs
• Strong knowledge of risk and compliance frameworks (e.g., NIST, COSO, ISO, SOC, GDPR)
• Executive presence and ability to communicate complex risks in business terms to senior stakeholders
• Proven track record of leading cross-functional governance committees and driving cultural change
• Bachelor’s degree required; MBA, JD, or relevant certifications (e.g., CRISC, CISA, CISM) preferred

Responsibilities

• Lead the design, implementation, and continuous improvement of the Enterprise Risk Management (ERM) framework tailored to the specific needs of a global enterprise tech organization
• Advise the C-Suite and Board on emerging risks, macro trends, and key enterprise risk indicators
• Partner with Security, Engineering, Legal and Product teams to identify, assess, and mitigate risks tied to cybersecurity, AI governance, data privacy, SaaS infrastructure, and third-party integrations
• Serve as Chair of the Governance, Risk and Compliance Operating Committee driving alignment between compliance, audit, and business unit risk assessments
• Align risk strategies with the company’s business objectives, product roadmap, and global expansion efforts
• Deliver scenario planning and stress testing for major initiatives
• Ensure compliance with relevant regulations (e.g., SOX, GDPR, ISO 27001, SOC 2, FedRAMP, AI regulations) and work closely with leaders across all business units to monitor changes in the regulatory landscape
• Collaborate with Finance, IT, Security, HR, Legal, Product and Customer Success to evaluate risks across operations, contracts, security, insurance, people, and supply chain
• Prepare and present risk assessments and mitigation strategies to the Audit Committee and executive team; drive risk awareness at the board level
• Oversee incident response planning, business continuity, and disaster recovery frameworks across global operations
• Develop and maintain processes for assessing and monitoring vendor risks across security, compliance, and operational domains

Preferred Qualifications

• Experience working in or with publicly traded tech companies
• Familiarity with emerging risk topics such as AI ethics, ESG reporting, or geopolitical risk
• Experience integrating GRC tools like ServiceNow, Archer, or MetricStream

Benefits

• Health plans, including flexible spending accounts
• A 401(k) Plan with company match
• ESPP
• Matching donations
• A flexible time away plan and family leave programs