ServiceNow GRC Administrator (Policy, Controls & Compliance) – Lead #3551647
Richmond, VA

Be Part Of A High-Performing Team:

This opportunity sits within a cybersecurity GRC team at a large insurance-focused organization. The group partners closely with IT, Risk, Compliance, Legal, and Audit to operationalize security controls and policy governance across the enterprise. The team is lean, collaborative, and execution-driven—focused on strengthening control visibility, improving audit readiness, and scaling governance maturity through ServiceNow.

What’s In Store For You:

  • Contract-to-hire with strong intent to convert for the right fit
  • High visibility work supporting enterprise-wide control onboarding and framework alignment

How You Will Make An Impact:

  • Administer the front-end ServiceNow GRC/IRM capabilities (Policy/Compliance/Controls) to ensure accurate configuration and effective daily operations
  • Load and manage control objectives, control statements, and framework mappings in ServiceNow
  • Partner with application owners and control stakeholders to align controls against enterprise assets and ensure consistent control ownership
  • Coordinate ticketing workflows using ServiceNow ITSM concepts for intake, tracking, and stakeholder follow-through
  • Support attestations, evidence coordination, and control-related responses across the organization
  • Collaborate with IT application teams and back-end platform teams (advisory/enablement) to ensure controls are implemented and maintained appropriately
  • Help scale governance maturity and reporting as the control onboarding program expands across stakeholders and leadership

Are you an experienced ServiceNow GRC administrator ready to make an impact?

  • 3+ years hands-on experience with ServiceNow GRC/IRM (administration/operations focus)
  • Proven experience supporting Policy/Compliance/Controls activities within ServiceNow (non-dev)
  • Working knowledge of frameworks such as NIST 800-53, NIST CSF, and familiarity with SOX, SOC 1/2, HIPAA
  • Comfortable working cross-functionally with technical and non-technical stakeholders
  • Strong organization, documentation, and follow-through skills in a controls-heavy environment
  • Nice-to-have: Security or audit-related certifications (Security+, CISA, CISSP, CISM, CGRC)
