Senior Analyst - Vendor Risk Assessment
Service Now
Hyderabad, India
1d ago


Senior Analyst - Vendor Risk Assessment

ServiceNow is changing the way people work. With a service-orientation toward the activities, tasks and processes that make up day-to-day work life, we help the modern enterprise operate faster and be more scalable than ever before.

We’re disruptive. We work hard but try not to take ourselves too seriously. We are highly adaptable and constantly evolving.

We are passionate about our product, and we live for our customers. We have high expectations and a career at ServiceNow means challenging yourself to always be better.

What you get to do in this role :

We’re looking for a highly motivated, collaborative and technically experienced Security & Compliance Senior Analyst with ability to understand and influence Vendor Risk Assessment (VRA) processes, effectively communicate ServiceNow’s controls including intent, and drive changes within the organization through effective testing.

The successful candidate must be reliable, resourceful and have a can-do attitude.

You will be a key member of our team and play an important role in defining the Vendor Risk Assessment framework for a leading cloud company.

In this role you will be required to demonstrate ability to analyse difficult problems, think out-of-box and provide pragmatic solutions and recommendations.

ServiceNow VRA focuses on the security practices of the third parties used. VRA Senior Analyst will be involved in driving this process forward and measuring Vendor Risk Assessment process compliance.

Responsibilities :

  • Lead or assist with successful completion of vendor risk assessment activities
  • Work with vendors to address any remediation activities required following completion of the assessment.
  • Successfully project manage and drive testing activities across various teams within the organization
  • Able to manage internal teams for follow up within each assessment as it deems necessary
  • Contribute by enhancing and maturing the existing vendor risk assessment process
  • Perform activities to help measure and monitor compliance by third parties
  • Contribute in enhancing our VRA solution and processes to meet business needs
  • Develop / Enhance dashboard and KPI's for management level reporting
  • Partner within the Source to Settle global team to enhance overall Vendor Onboarding process
  • Participate in internal audits with regards to the VRA process
  • In order to be successful in this role, we need someone who has :

  • 7+ years working in the field of compliance or audit
  • Direct and recent working experience with at least two of the following compliance programs : ISO 27001, PCI, SSAE18, SOC2, HIPPA, 21 CFR Part 11, MTCS, IRAP and FISMA / FedRAMP
  • Prior experience of working in the Security and Compliance group at a SaaS / Cloud company
  • Relevant professional certifications such as CISSP, CISA, CISM, CIPP, GIAC, PMP
  • Ability to manage large projects
  • Prior experience with GRC systems,
  • Ability to understand the intent of compliance requirements to provide effective and meaningful analysis
  • Excellent report writing skills, ability to prepare compliance reports and associated metrics
  • Excellent verbal and written communication skills
  • Be able to work effectively with other members of the organization to drive results
  • Work Environment

    We provide competitive compensation, generous benefits and a professional atmosphere. This is a very collaborative and inclusive work environment where individuals strong on aptitude and attitude will have an opportunity to grow their professional careers through working with some of the most advanced technology and talented developers in the business.

    Add to favorites
    Remove from favorites
    My Email
    By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
    Application form