EY ServiceNow GRC Senior Consultant in Denver, Colorado
ServiceNow GRC Senior Consultant
Requisition # UNI00GDB
Post Date Oct 23, 2020
Therisk landscape is continuously changing due to market volatility, geopolitical
crises, widespread economic changes, regulatory reforms and cyber threats. As a
result, there has been increased pressure from the board of directors and
investors to effectively monitor and manage risk. In a world where risk is
everywhere, organizations look to us to transform their approach to risk and
turn it into a means not only to protect the enterprise, but to help them
create value.As amember of our Governance Risk and Compliance (GRC) national practice, you will
belong to a network of professionals helping our clients transform their risk
functions and implement technology solutions to provide executive leadership
with valuable insights for decision-making.
Youwill team with respected and experienced professionals and work directly with
our clients to help them identify important risks, design frameworks to manage
them, and improve the effectiveness andefficiency of risk management.
You will belong to a network of professionals helping our clients
transform their risk functions and implement GRC solutions that support risk management and governance.
We will support you with career-long training and coaching to
develop your skills in risk strategy, risk function design, risk management and
performance enhancement.Since EY is a global leading service provider in this space,
you will be working with the best people in a collaborative environment so that
whenever you join and for however long you stay, the exceptional EY experience
lasts a lifetime.
Skills and Attributes For Success
The role of a ServiceNow GRC Senior includes collaborating with other members of the engagement team to
coordinate, plan and deliver ServiceNow GRC projects. As you build knowledge and experience,
you’ll become a credible advisor to junior consultants to deliver work products
across the focus areas mentioned above within the organization as well as the client contacts.
Responsibilities include but are not limited
· Implementing ServiceNow GRC/IRM – Policy and Compliance
Management, Vendor Management, Risk Management and Audit Management, and other
risk management processes
· Advise clients on setting strategic business decisions to addressrisks impacting business performance.
· Advise clients on aligning risk and business objectives,
improvingcoordination and alignment of risk activities across the organization,andeffectively leveraging
GRC technology to respond to different risk scenarios.
· Deliver GRC technology enablement services to enable and automaterisk management processes
(i.e. risk assessments, risk mitigation strategies,and risk register, etc.)
· Design and develop enhancements for the existing GRC modules ofGRC tools,
and fix issues or defects which arise in the production environment.
· Consistently deliver quality client services; monitor progress, managerisk, and make certain that key
stakeholders are kept informed about progressand expected outcomes; stay abreast of current business and
industry trendsrelevant to our clients’ businesses
· Establish relationships with client personnel at appropriate levels
· Demonstrate in-depth technical capabilities and professional knowledge,
demonstrate ability to assimilate new knowledge
To qualify for the role, you must have
A bachelor's degree in Computer Science, Information Systems, Business, Finance, Engineering,
or a related field and 2 years of experience developing Information Technology risk management solutions.
Alternatively, must have a Master's degree in Computer Science, Information Systems, Business, Finance,
Engineering, or a related field and 1 year of work experience developing Information Technology risk management
· Experience building information risk management governance models &policies
· Experience building governance, risk and compliance processes (riskregister, risk-based asset profiling,
control management, controls testing,issues management, policy exceptions)
· Experience developing unified control frameworks across relevantregulatory
and business standards(e.g., NIST, ISO, CCPA, PCI-DSS, COBIT, etc.)
· An understanding of and implementation experience with a variety of
GRCtools (e.g., GRC, RSA Archer, ServiceNow)
· Experience with the assessment, design and implementation of risk management
and compliance programs,including risk governance, risk appetite and risktolerance,
risk assessment and risk mitigation strategies; integration of riskmanagement and strategic
and business planning processes; and integration ofrisk management functions
Ideally, you’ll also have
· Prior experience as a consultant or client-serving professional
· Familiarity with reporting tools (e.g., Spotfire, PowerBI)
· CISSP, CISA, CRISC or other relevant certification desired
· Big Four experience is a plus with IT risk, compliance or securitymanagement experience
· GRC Solutions Expertise: Hands on experience implementingServiceNow GRC/IRM
and different use cases such as Policy and Compliance,Audit, Risk and Vendor Risk Management
EY provides equal employment opportunities to applicants and employees without regard to race, color, religion, age, sex, sexual orientation, gender identity/expression, national origin, protected veteran status, disability status, or any other legally protected basis, in accordance with applicable law.