Position: Security and Compliance Subject Matter Expert (SME)
Location: 100% Remote
Duration: Long Term
Job Description:
We are seeking a dedicated Security and Compliance SME to ensure the integrity, confidentiality, and availability of our ServiceNow platform. This role will serve as the lead expert on all platform-related security and compliance matters, responsible for implementing best practices, enforcing policies, and ensuring the platform meets rigorous audit and regulatory requirements. The ideal candidate possesses deep expertise in both enterprise security principles and the ServiceNow platform's security architecture.
Key Responsibilities
Lead the strategy and execution of Platform Security, including instance hardening, security configurations, and implementing ServiceNow's security best practices.
Design, implement, and maintain a granular Role-Based Access Control (RBAC) model, managing ACLs, user roles, and groups to enforce the principle of least privilege.
Ensure platform auditability by configuring and monitoring system logs, tracking critical activities, and preparing for internal and external security audits.
Develop and manage processes for Policy Compliance, utilizing ServiceNow's capabilities to automate the monitoring and reporting of compliance against security policies and regulatory frameworks.
Serve as the primary point of contact for all platform security incidents, vulnerability assessments, and compliance-related inquiries.
Collaborate with the GRC and cybersecurity teams to align platform security with broader enterprise risk management objectives.
Provide expert guidance to the development team on secure coding practices and the security implications of platform customizations.
Stay current with emerging security threats and ServiceNow security features to continuously improve the platform's security posture.
Required Qualifications
5-7+ years of experience in an information security, compliance, or audit role.
3+ years of hands-on experience with ServiceNow, specifically focusing on its security features and architecture.
In-depth knowledge of access control methodologies, application security, and data protection principles.
Strong understanding of security frameworks and regulations (e.g., NIST, ISO 27001, SOX, GDPR).
Demonstrated experience in managing and responding to security audits.
Excellent analytical, problem-solving, and documentation skills.
Preferred Qualifications
Certified Information Systems Security Professional (CISSP) is strongly preferred.
ServiceNow Certified Implementation Specialist (CIS) Security Incident Response or Vulnerability Response is strongly preferred.
ServiceNow Certified Implementation Specialist (CIS) Risk and Compliance.
Experience with ServiceNow GRC or Security Operations modules.
Experience working in a government or other highly regulated environment (e.g., FedRAMP).
Best Regards,
Ashok Kumar
Sr. Talent Acquisition Specialist
Email:
Web:
4229 Lafayette Center Dr, Suite 1880, Chantilly, VA 20151