Cyber Security Compliance Analyst

Company Description

ServiceNow is changing the way people work. With a service orientation toward the activities, tasks, and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever.  

We’re disruptive.  We work hard but try not to take ourselves too seriously.  We are highly adaptable and constantly evolving.  We are passionate about our product, and we live for our customers.  We have high expectations and a career at ServiceNow means challenging yourself to always be better.  

Unsure if you meet all the qualifications of a job description but are deeply excited about the role? We still encourage you to apply! At ServiceNow, we are committed to creating an inclusive environment where all voices are heard, valued, and respected. We welcome all candidates, including individuals from non-traditional, varied backgrounds, that might not come from a typical path connected to this role. We believe skills and experience are transferrable, and the desire to dream big makes for great candidates.

Job Description

What the role entails 

We are looking for a highly motivated, collaborative, and technically experienced Cyber Security Compliance Analyst with the ability to understand and influence cloud operational and security processes, effectively communicate ServiceNow’s controls including intent, and drive changes within the organisation through effective testing. The successful candidate must be reliable, resourceful, and have a “can-do” attitude.  

This role will drive and measure compliance for the cloud business systems, control areas, processes, and products for company compliance initiatives. ServiceNow's current compliance initiatives are focused on but are not limited to Japan’s ISMAP, ISO 27001, ISO 27018, IRAP, MTCS, Korean ISMS, PCI, SSAE 18, and SOC 2. 

• Perform activities to help measure and monitor compliance with company policies and procedures 
• Facilitate certifier requests and information gathering for audit activities and lead onsite audits
• Conduct activities to comply with the government's Cyber Security requirements
• Successfully drive security compliance testing activities across various teams within the organisation 
• Contribute towards enhancing the GRC tool and processes to meet compliance business needs 

Qualifications

What it takes to be successful in this role 

• 2+ years working in the field of cyber security compliance, security risk or audit 
• Direct and recent working experience with at least two of the following compliance programs: Cyber Essentials Plus, ISO 27001, PCI, IRAP, MTCS, SSAE18, and/or SOC2
• Prior experience working in the Security and Compliance group at a SaaS/Cloud company or with the Security and Risk practice of a Big Four firm 
• Relevant professional certifications such as CISSP, CISA, and CISM are desirable
• Experience using a GRC system
• Excellent communication and report writing skills, ability to prepare compliance reports and associated metrics 
• Proficiency in the English and Japanese languages (an advantage)

Why ServiceNow 

ServiceNow provides competitive compensation, generous benefits, and a professional atmosphere. 

This is a very collaborative and inclusive work environment where individuals strong in aptitude and attitude will have an opportunity to grow their professional careers through working with some of the most advanced technologies.

Additional Information

ServiceNow is an Equal Employment Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status or any other category protected by law.

At ServiceNow, we lead with flexibility and trust in our distributed world of work. Click here to learn about our work personas: flexible, remote and required-in-office.

If you require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact us at talent.acquisition@servicenow.com for assistance.

For positions requiring access to technical data subject to export control regulations, including Export Administration Regulations (EAR), ServiceNow may have to obtain export licensing approval from the U.S. Government for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by the U.S. Government.

Please Note: Fraudulent job postings/job scams are increasingly common. Click here to learn what to watch out for and how to protect yourself. All genuine ServiceNow job postings can be found through the ServiceNow Careers site.