Cybersecurity Manager - ServiceNow

Overview

Cybersecurity Governance & Risk Manager

Director Cybersecurity, Risk & Assurance

department

Key Responsibilities

• Support the implementation and continuous improvement of the IT & Cybersecurity GRC framework aligned to business strategy and risk appetite
• Drive adoption of standardized cybersecurity governance and risk management practices across IT and Cybersecurity teams
• Provide clear and accurate cybersecurity risk and compliance insights to leadership to enable informed decision making
• Act as a key partner to Internal Audit, Compliance, Risk, and IT stakeholders on all cybersecurity GRC matters
• Implement and maintain cybersecurity policies, standards, procedures, and control documentation
• Manage the full lifecycle of IT and cybersecurity policies including review, approval, and updates
• Embed and support the cybersecurity risk ownership model with defined accountability and escalation mechanisms
• Operate and manage the ServiceNow IT GRC platform including workflows, records, and data quality
• Drive automation of governance, risk, and compliance processes to improve efficiency
• Develop dashboards and reports to provide visibility into risk posture, control effectiveness, and compliance status
• Coordinate control testing, evidence collection, and monitoring activities for critical controls
• Lead cybersecurity risk identification, assessment, treatment, and periodic review processes
• Maintain risk registers within the GRC tool and ensure alignment with enterprise risk registers
• Track remediation plans and ensure timely closure of risk treatment actions
• Support ISO 27001 and ISO 20000 certification maintenance including audit preparation and evidence management
• Coordinate responses to internal and external audits
• Track compliance obligations, audit findings, regulatory updates, and remediation activities
• Knowledge, skills & experience:
• 6–10 years of experience in cybersecurity governance, risk management, or compliance roles
• Strong experience supporting audits, certifications, and regulatory compliance activities
• Hands-on experience with GRC platforms, preferably ServiceNow GRC
• Experience working in large, complex, or regulated enterprise environments
• Strong understanding of risk assessment methodologies and governance frameworks
• Practical knowledge of ISO 27001 (mandatory) and ISO 20000 (preferred)
• Ability to configure and manage GRC tools including risk workflows, policy management, compliance tracking, and third-party risk management
• Experience in developing dashboards and risk analytics reports
• Strong documentation and process design skills with an audit-ready approach
• Clear communicator with strong stakeholder management skills and ability to present technical findings in business-friendly language

Availability