DivIHN (pronounced “divine”) is a CMMI ML3-certified Technology and Talent solutions firm. Driven by a unique Purpose, Culture, and Value Delivery Model, we enable meaningful connections between talented professionals and forward-thinking organizations. Since our formation in 2002, organizations across commercial and public sectors have been trusting us to help build their teams with exceptional temporary and permanent talent.
Visit us at to learn more and view our open positions.
Please apply or call one of us to learn more
For further inquiries regarding the following opportunity, please contact our Talent Specialist, Abdul at or Saravanakumar at
Title: Senior ServiceNow GRC Consultant
Location: Remote
Duration: 6 Months with possibility of extension
Working Hours: 37.5 hours per week, with 7.5 hours per day
Onsite presence during 1st week is required for onboarding
Only W2 candidates are eligible for this position. Third-party or C2C candidates will not be considered.
1. Role Overview
- We seek a senior consultant to lead a full ServiceNow GRC build for a state agency.
- The agency owns the GRC (IRM) module suite.
- It has not turned the modules on or set them up.
- This person starts at zero and takes the platform live.
- The right hire has led this kind of build before, start to finish.
2. What Success Looks Like
By the close of the engagement, the consultant will have delivered the items below.
- A live GRC platform in production.
- Configured Risk Management, Policy and Compliance, and Audit Management modules.
- A working risk register, control library, and policy repository.
- Tested workflows, dashboards, and reports.
- GRC tied into the agency's current ServiceNow apps.
- Complete technical and functional documentation.
- Trained administrators and business users.
3. Core Responsibilities
The consultant owns the work below across each phase.
Plan and design
- Lead the build from planning through production.
- Gather business and technical needs from agency stakeholders.
- Turn those needs into a clear solution design.
Configure and build
- Configure Risk Management, Policy and Compliance, and Audit Management.
- Configure Vendor Risk Management and Business Continuity Management where the agency needs them.
- Build workflows, forms, approvals, notifications, dashboards, and reports.
- Build risk registers, control libraries, compliance frameworks, and policy repositories.
- Write custom logic with JavaScript, Flow Designer, Business Rules, Script Includes, UI Policies, and In-tegrationHub when the work calls for it.
Integrate
- Connect GRC to current ServiceNow apps: ITSM, CMDB, Security Operations, and Vulnerability Re-sponse.
- Connect to third-party tools through REST and SOAP APIs.
Test, deploy, and support
- Run testing and guide user acceptance testing (UAT).
- Deploy to production.
- Support the agency after go-live.
Document and train
- Write technical and functional documents.
- Run knowledge transfer sessions.
- Train administrators and business users.
- Lead knowledge transfer sessions and effectively train administrators, business users, and support staff to ensure the agency can independently administer and maintain the ServiceNow GRC platform after implementation.
Collaborate
- Work with business, security, compliance, audit, and infrastructure teams through each phase.
4. Required Qualifications
- Bachelor’s degree in computer science, Information Systems, or a related field (or equivalent experi-ence).
- 7+ years of ServiceNow experience.
- 3+ years implementing ServiceNow GRC / IRM.
- A proven ground-up GRC build, start to finish.
- Hands-on configuration of Risk Management.
- Hands-on configuration of Policy and Compliance.
- Hands-on configuration of Audit Management.
- Strong JavaScript development.
- Hands-on work with Flow Designer, Business Rules, Script Includes, ACLs, and UI Policies.
- Integration through REST and SOAP APIs.
- Strong requirements gathering and documentation.
- Understanding of Integration Hub, Integration with ITSM, CMDB, Security Operations, and Vulnera-bility Response.
- Working knowledge of NIST, CIS Controls, ISO 27001, HIPAA, CJIS, PCI-DSS, or SOX.
- Proven knowledge transfer and training.
- Strong communication and facilitation skills with ex-perience delivering end-user training, mentoring administrators, and conducting effective knowledge transfer during enterprise platform implementations.
5. Preferred Qualifications
- CIS-RC certification (Certified Implementation Specialist, Risk and Compliance).
- CSA certification (Certified System Administrator).
- GRC build experience in government or public sector.
- Configuration of Vendor Risk Management.
- Configuration of Business Continuity Management.
- IntegrationHub experience.
About us:
DivIHN, the ''IT Asset Performance Services'' organization, provides Professional Consulting, Custom Projects, and Professional Resource Augmentation services to clients in the Mid-West and beyond. The strategic characteristics of the organization are Standardization, Specialization, and Collaboration.
DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race, color, religion (creed), gender, gender expression, age, national origin (ancestry), disability, marital status, sexual orientation, or military status.
Never miss an opportunity! Create an alert based on the job you applied for.
