We’re looking for a hands-on ServiceNow GRC Analyst to join a growing Security organization and support the implementation of an established security control framework across SaaS applications. This is an execution-focused role, not a strategy or architecture position. The team has already identified the controls and aligned them to the appropriate framework. This role will focus on operationalizing those controls in ServiceNow, working closely with system owners and technical leads to document, validate, and track compliance—while intentionally excluding physical security–related controls and documenting the rationale for exclusions. This is a fast-paced environment (“drinking from the firehose”), ideal for someone who can quickly get the lay of the land, follow defined processes step by step, and move work forward independently.
Must Haves
5–8 years of hands-on ServiceNow experience
- Strong emphasis on manual, operational work (not a strategic or design-focused role)
- ServiceNow GRC module experience
Ability to work directly within the GRC module to track controls, assessments, and evidence
- Security fundamentals
- Strong enough security knowledge to implement an existing security plan, not create one
Experience working with SaaS applications
- Must understand how to scope and assess SaaS controls
Ability to execute against predefined controls
- Controls are already identified and aligned to a framework
- Candidate will perform first-pass assessments and follow documented steps
Strong communication and interpersonal skills
Comfortable working with:
- System Owners (business-facing stakeholders)
- Technical Leads / DTE teams
5-10 years96
Get Personalized Job Matches with 1 Click
Job Description
Download ResumeWe’re looking for a hands-on ServiceNow GRC Analyst to join a growing Security organization and support the implementation of an established security control framework across SaaS applications. This is an execution-focused role, not a strategy or architecture position. The team has already identified the controls and aligned them to the appropriate framework. This role will focus on operationalizing those controls in ServiceNow, working closely with system owners and technical leads to document, validate, and track compliance—while intentionally excluding physical security–related controls and documenting the rationale for exclusions. This is a fast-paced environment (“drinking from the firehose”), ideal for someone who can quickly get the lay of the land, follow defined processes step by step, and move work forward independently.
Must Haves
5–8 years of hands-on ServiceNow experience
- Strong emphasis on manual, operational work (not a strategic or design-focused role)
- ServiceNow GRC module experience
Ability to work directly within the GRC module to track controls, assessments, and evidence
- Security fundamentals
- Strong enough security knowledge to implement an existing security plan, not create one
Experience working with SaaS applications
- Must understand how to scope and assess SaaS controls
Ability to execute against predefined controls
- Controls are already identified and aligned to a framework
- Candidate will perform first-pass assessments and follow documented steps
Strong communication and interpersonal skills
Comfortable working with:
- System Owners (business-facing stakeholders)
- Technical Leads / DTE teams