• ServiceNow GRC Senior Consultant

    EYCarson City, NV 89713

    Job #1358090559

  • ServiceNow GRC Senior Consultant


    Requisition # UNI00GDB

    Post Date Jan 24, 2021

    Therisk landscape is continuously changing due to market volatility, geopolitical

    crises, widespread economic changes, regulatory reforms and cyber threats. As a

    result, there has been increased pressure from the board of directors and

    investors to effectively monitor and manage risk. ? In a world where risk is

    everywhere, organizations look to us to transform their approach to risk and

    turn it into a means not only to protect the enterprise, but to help them

    create ~~~ amember of our Governance Risk and Compliance (GRC) national practice, you will

    belong to a network of professionals helping our clients transform their risk

    functions and implement technology solutions to provide executive leadership

    with valuable insights for decision-making. ?

    The Opportunity ?

    Youwill team with respected and experienced professionals and work directly with

    our clients to help them identify important risks, design frameworks to manage

    them, and improve the effectiveness andefficiency of risk management.

    You will belong to a network of professionals helping our clients

    transform their risk functions and implement GRC solutions that support risk management and governance.

    We will support you with career-long training and coaching to

    develop your skills in risk strategy, risk function design, risk management and

    performance enhancement.Since EY is a global leading service provider in this space,

    you will be working with the best people in a collaborative environment so that

    whenever you join and for however long you stay, the exceptional EY experience

    lasts a lifetime.

    Skills and Attributes For Success

    The role of a ServiceNow GRC Senior includes collaborating with other members of the engagement team to

    coordinate, plan and deliver ServiceNow GRC projects. As you build knowledge and experience,

    you'll become a credible advisor to junior consultants to deliver work products

    across the focus areas mentioned above within the organization as well as the client contacts.

    Responsibilities include but are not limited


    · Implementing ServiceNow GRC/IRM - Policy and Compliance

    Management, Vendor Management, Risk Management and Audit Management, and other

    risk management processes

    · Advise clients on setting strategic business decisions to addressrisks impacting business performance.

    · Advise clients on aligning risk and business objectives,

    improvingcoordination and alignment of risk activities across the organization,andeffectively leveraging

    GRC technology to respond to different risk scenarios.

    · Deliver GRC technology enablement services to enable and automaterisk management processes

    (i.e. risk assessments, risk mitigation strategies,and risk register, etc.)

    · Design and develop enhancements for the existing GRC modules ofGRC tools,

    and fix issues or defects which arise in the production environment.

    · Consistently deliver quality client services; monitor progress, managerisk, and make certain that key

    stakeholders are kept informed about progressand expected outcomes; stay abreast of current business and

    industry trendsrelevant to our clients' businesses

    · Establish relationships with client personnel at appropriate levels

    · Demonstrate in-depth technical capabilities and professional knowledge,

    demonstrate ability to assimilate new knowledge

    To qualify for the role, you must have ?

    A bachelor's degree in Computer Science, Information Systems, Business, Finance, Engineering,

    or a related field and 2 years of experience developing Information Technology risk management solutions.

    Alternatively, must have a Master's degree in Computer Science, Information Systems, Business, Finance,

    Engineering, or a related field and 1 year of work experience developing Information Technology risk management


    · Experience building information risk management governance models &policies

    · Experience building governance, risk and compliance processes (riskregister, risk-based asset profiling,

    control management, controls testing,issues management, policy exceptions)

    · Experience developing unified control frameworks across relevantregulatory

    and business standards(e.g., NIST, ISO, CCPA, PCI-DSS, COBIT, etc.)

    · An understanding of and implementation experience with a variety of

    GRCtools (e.g., GRC, RSA Archer, ServiceNow)

    · Experience with the assessment, design and implementation of risk management

    and compliance programs,including risk governance, risk appetite and risktolerance,

    risk assessment and risk mitigation strategies; integration of riskmanagement and strategic

    and business planning processes; and integration ofrisk management functions

    Ideally, you'll also have

    · Prior experience as a consultant or client-serving professional

    · Familiarity with reporting tools (e.g., Spotfire, PowerBI)

    · CISSP, CISA, CRISC or other relevant certification desired

    · Big Four experience is a plus with IT risk, compliance or securitymanagement experience

    · GRC Solutions Expertise: Hands on experience implementingServiceNow GRC/IRM

    and different use cases such as Policy and Compliance,Audit, Risk and Vendor Risk Management

    EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.