Define and maintain the enterprise architecture and future-state roadmap for the ServiceNow IRM platform, including Policy & Compliance Management, Risk Management, Audit Management, Issues Management, and Integrated Risk workflows.
Serve as the architectural authority for IRM design decisions, ensuring solutions are scalable, secure, compliant, and aligned with enterprise standards.
Translate regulatory, risk, audit, and business requirements into actionable ServiceNow IRM designs and patterns.
Advise senior leaders and stakeholders on platform capabilities, architectural trade-offs, and best practices.
Lead the design and implementation of complex ServiceNow IRM solutions, including scoped applications, workflows, data models, and reporting.
Configure and enhance control frameworks, attestations, evidence collection, risk assessments, and issue remediation workflows.
Drive adoption of out-of-the-box IRM capabilities while defining when custom solutions are appropriate.
Lead or support proofs-of-concept, pilots, and phased rollouts of new IRM capabilities.
Design and implement enterprise integrations between ServiceNow IRM and external systems (e.g., GRC tools, security platforms, ERP, HR, identity, asset, and cloud platforms).
Leverage REST/SOAP APIs, MID Server, ETL, or iPaaS solutions to enable secure and reliable data exchange.
Define and maintain data architecture, CMDB relationships, and risk/control data models to support enterprise reporting and decision-making.
Architect and implement automation strategies for control testing, attestations, evidence collection, and issue management.
Lead or support deployment of AI and advanced analytics capabilities within ServiceNow IRM, including GenAI, Predictive Intelligence, and Now Assist.
Identify opportunities to reduce manual effort, improve data quality, and increase audit and compliance efficiency through automation.
Requirements
5+ years of IT experience with a GRC focus.
5+ years of experience as a Solution Architect or Lead Architect for enterprise-scale ServiceNow implementations.
5+ years of hands-on ServiceNow IRM/GRC experience.
Deep expertise in ServiceNow IRM modules, including Policy & Compliance, Risk Management, Audit Management, Issues Management, and Platform Analytics.
Strong understanding of risk, compliance, and control frameworks (e.g., NIST, ISO, SOX, CMMC).
Demonstrated experience designing enterprise integrations using REST/SOAP APIs, MID Server, ETL, or iPaaS.
Strong knowledge of ServiceNow data models, CMDB concepts, reporting, and platform performance best practices.
Excellent stakeholder management, communication, and influence skills, including engagement at Director and VP levels.
Bachelor's or higher degree in MIS or Information Security, or an equivalent degree.