VP, Cloud Control Framework Governance Leader

Job Description:

The Vice President, Cloud Control Framework Governance Leader is responsible for leading the development, implementation, and ongoing management of Governance, Risk, and Compliance (GRC) and Integrated Risk Management (IRM) processes using the ServiceNow platform. This role will focus on technology-related risks and controls in public cloud environments.

This position requires a strong background in risk management, compliance, and audit, as well as process-oriented leadership and cross-functional awareness.

Key Responsibilities:

• Define the implementation and optimization strategy for ServiceNow IRM, focusing on establishing a centralized governance framework and implementing continuous monitoring of compliance and risk indicators.
• Oversight and integration of ServiceNow IRM with existing systems to drive efficiency.
• Develop a ServiceNow IRM implementation roadmap that aligns with industry standards and organizational goals.
• Map controls to both external industry frameworks and internal policies, including cross-mapping controls to meet requirements across multiple regulatory frameworks.
• Evaluate ServiceNow IRM's risk assessment capabilities to conduct automated risk assessments using both asset and process-centric methodologies.
• Determine qualitative and quantitative risk scores informed by service performance data.
• Collaborate with a small team of Governance professionals to ensure proper implementation of cloud controls.
• Provide technical leadership to the GRC development team, guiding them in implementing solutions.
• Provide fact-based insights utilizing data visualization tools like Tableau to create insightful risk and compliance dashboards.
• Champion adherence to internal requirements, regulatory requirements, and industry best practices.

Qualifications/Requirements:

• Minimum of 8 years of experience in a technology governance or engineering role.
• 5 years of experience implementing GRC/IRM functions.
• 7 years of experience in audit, compliance, or risk management with a proven track record of implementing GRC programs, process improvements, and platforms.
• 3 years of operating in a cloud environment, preferably AWS and/or Azure.
• Understanding of risks and controls in cloud environments, including regulatory/compliance frameworks.
• Experience driving cross-functional collaboration.
• Experience managing large complex GRC projects, including resource allocation, timeline management, and status reporting.