Information Security Consultant

Information Security Consultant required for global organisation. You will be acting as ServiceNow GRC Specialist to support ongoing risk management and governance automation initiatives. You'll play a key role in designing, implementing, and optimizing ServiceNow's Governance, Risk, and Compliance (GRC) modules - helping to enhance visibility, streamline assurance processes, and align risk operations with international standards.

Key Responsibilities:

Implement and Configure ServiceNow GRC Modules

• Set up and customize applications such as Policy and Compliance Management, Risk Management, and Vendor Risk Management.
• Design workflows, dashboards, and reporting structures aligned to governance frameworks (eg ISO 27001, COBIT).

Process Design and Optimization

• Translate business and compliance requirements into ServiceNow-based solutions.
• Develop automated risk and compliance tracking controls.
• Streamline manual governance and audit tasks through process automation.

Stakeholder Collaboration

• Partner with risk officers, auditors, compliance teams, and IT stakeholders to gather requirements and ensure alignment.
• Deliver training and end-user support for GRC functionality.

Reporting and Analytics

• Build and maintain risk and compliance dashboards for leadership visibility.
• Deliver actionable insights into control effectiveness, risk exposure, and compliance posture.

Skills & Experience:

• Strong understanding of risk management frameworks (eg NIST, ISO 27001, COBIT).
• Proven expertise in ServiceNow administration and development, particularly within GRC modules.
• Sound knowledge of governance, regulatory compliance, and audit processes.
• Experience designing workflows, data models, and automation within ServiceNow.
• Excellent analytical and communication skills, able to bridge technical and business perspectives.