Define and execute a GRC roadmap, leading governance, risk, and compliance programs.
Design and maintain the enterprise risk register, partnering with business leaders to identify, quantify, and mitigate risks.
Manage compliance with frameworks (ISO 42001, ISO 27001, ISO 27701, ISO 27017, SOC 2, and CIS Controls) and drive continuous compliance rather than just annual audits.
Build and manage a right-sized vendor risk program, assessing vendor maturity and reviewing security contracts.
Enable ZoomInfo's transaction velocity and customer service by building customer trust and responding rapidly to inquiries.
Leverage Agentic AI and GRC platforms (ServiceNow GRC, Vanta, and others) to automate processes, generate metrics, and deliver executive dashboards.
Act as the key liaison between Security, Legal, Product, and executive leadership to align risk posture with business objectives.
Requirements
10+ years in info security/GRC, including 5+ years in a senior leadership role.
Deep knowledge of risk frameworks (NIST AI RMF) and security compliance standards (ISO, SOC 2).
Proven track record of scaling security teams, maturing programs, and building "security-by-design" cultures.
Ability to translate complex technical risks into business-relevant context for executive leadership and customers.
Bachelor’s degree in a relevant field (Master’s/PhD preferred).