Staff Cybersecurity Auditor | Customer Audits

About Digital Technology & The SSO

We’re not yesterday’s IT department, we're Digital Technology. The world around us keeps changing and so do we. We’re redefining what it means to be IT with a mindset centered on transformation, experience, AI-driven automation, innovation, and growth.

We’re all about delivering delightful, secure customer and employee experiences that accelerate ServiceNow’s journey to become the defining enterprise software company of the 21st century. And we love co-creating, using, and highlighting our own products to do it.

Ultimately, we strive to make the world work better for our employees and customers when you work in ServiceNow Digital Technology, you work for them.

The ServiceNow Security Organization (SSO) delivers world-class, innovative security solutions to reduce risk and protect the company and our customers. We enable our customers to migrate their most sensitive data and workloads to the cloud, accelerating our business so that we are the most trusted SaaS provider. We create an environment where our employees are proud to work and can make a positive impact

Description

We are seeking a Staff Cybersecurity Auditor | Customer Audits person who will be instrumental in developing our customer facing audit competency.

The role requires the candidate can communicate effectively with customers (internal and external) to discuss and resolve compliance and security issues, engaging technical and non-technical audiences. The candidate will be required to maintain diligent records, draft detailed reports, and documentation on all audit efforts.

The successful candidate will be able to work independently, reporting, and escalating issues as needed. Having a bias toward automation and digitisation of the audit experience, removing manual effort wherever possible, is desirable.

What you get to do in this role:

• You will manage a set of Audits following a standard audit lifecycle and annual cadence, managing customer auditors, facilitating SME (Subject Matter Expert) interviews and evidence gathering, delivering a full audit experience to customers to meet their framework or regulatory needs.
• The role requires significant understanding of the technology stack that underpins a Cloud Service Provider (CSP) and a Software as a Service Provider (SaaS), from design to operation, and interaction with the teams involved in these engineering and operational activities.
• You will work with business operations of a multinational enterprise, including relevant activities in Finance, ESG (Environmental, Social and Governance), DEI (Diversity, Equity, and Inclusion) (Diversity, Equity, and Inclusion), HR (Human Resources), Management.
• The successful candidate will need understand the required elements of a functional ISMS (Information Security Management Systems) and be able to discuss these elements with confidence to a technical, external audience.

Requirements

To be successful in this role, we need someone who has:

• One or more of the following industry certifications/degrees:
• CISSP, CCSP, CompTIA, CISM, ISO 27001 Lead Auditor, CISA (Cybersecurity and Infrastructure Security Agency):
• Degree in Information Technology
• Degree in Cybersecurity
• Degree in Law
• 7+ years working in the field of compliance or audit with a strong technical understanding of IT Infrastructures and Operations
• Strong understanding of cloud environments, networking, security authorization boundaries,
• Strong understanding NIST (National Institute of Standards and Technology) 800-53 security controls.
• Strong Understanding of ISO 27001 security controls.
• Ability to understand the intent of compliance requirements to provide effective and meaningful analysis.
• Excellent verbal and written communication skills.
• Prior experience of working in the Security and Compliance group at a SaaS/Cloud company or with Security & Risk practice preferred. Be able to work effectively with other members of our organization to drive results, to include remote teams.

#DTjobs

#SecurityJobs