• ServiceNow is changing the way people work. With a service-orientation toward the activities, tasks and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever before.
  • We’re disruptive.  We work hard but try not to take ourselves too seriously.  We are highly adaptable and constantly evolving.  We are passionate about our product, and we live for our customers.  We have high expectations and a career at ServiceNow means challenging yourself to always be better.

What you get to do in this role:

  • We’re looking for a highly motivated, collaborative and technically experienced Security & Compliance Analyst with ability to understand cloud operational and security processes, effectively communicate ServiceNow’s controls, and support changes within the organization through effective testing. The successful candidate must be reliable, resourceful and have a “can-do” attitude.
  • You will be a key member of our team and play an important role in defining the Security and Compliance framework for a leading cloud company. In this role you will be required to demonstrate ability to analyze difficult problems, think out-of-box and provide pragmatic solutions and recommendations.  ServiceNow current compliance initiatives are focused on, but not limited to ISO 27001, ISO 27018, FedRAMP, PCI, SSAE 18, SOC 2, HIPAA, 21 CFR Part 11, MTCS, IRAP and NERC CIP.


  • Evaluates the design and effectiveness of common controls based upon industry best practice models (e.g. COBIT, ITIL) in accordance with compliance requirements.
  • Performs testing activities to help measure and monitor compliance with company policies and procedures.
  • Assists in the analysis and definition of security requirements.
  • Participates in external certification and customer audit events, including preparation, sample delivery, onsite facilitation and management responseactivities.
  • Participates in internal audit events, including discovery, planning, building, testing and gap identification and prepares summary audit reports.
  • Participates in vendor security risk assessment audits including discovery, testing, gap identification and summary risk assessment reports.
  • Candidates must be able to meet all federal government security screening requirements as indicated: Federal security screening requirements call for applicant to verify U.S. Citizenship. Additional customer screening requirements may include items such as, but not limited to: specialized agency background checks (either national or local) and fingerprinting, as well as the ability to obtain a government personnel security clearance.

In order to be successful in this role, we need someone who has:

  • 1+ years working in the field of compliance or audit
  • Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
  • Excellent report writing skills, ability to prepare compliance reports
  • Excellent verbal and written communication skills
  • Prior experience of working in the Security and Compliance group at a SaaS/Cloud company or with Security & Risk practice of a Big 4 firm preferred
  • Prior experience with GRC systems preferred

You can apply to this job and others using your online resume. Click the link below to submit your online resume and email your application to this employer.