Job Description - ServiceNow GRC SME (5+ Years Experience)
Job Location: Riyadh - KSA We are looking for an experienced ServiceNow GRC SME with strong expertise in ServiceNow GRC implementation, information security, risk, compliance, and audit management.
Key Requirements
- Must have hands-on ServiceNow GRC implementation experience with a minimum of 4 end-to-end implementation projects
- Must possess relevant certifications such as ISO, CISA/CISM, and ITIL
- Should have project management experience in ServiceNow GRC programs and implementations
- Should have experience in internal and external audits within the ServiceNow GRC domain
Technical Expertise
- Should have strong experience in control mapping, control design, and control testing using ServiceNow GRC
- Should have experience in risk assessment and risk management in ServiceNow GRC
- Should have expertise in GRC KRAs, KPIs, dashboard preparation, and management reporting in ServiceNow GRC
- Should have working knowledge of SecOps, Third-Party Risk Management (TPRM), and Business Continuity Management (BCM), preferably integrated with ServiceNow GRC
Regulatory & Compliance Knowledge
Must have experience working with the
Saudi Arabia Information Security Regulatory Framework, especially frameworks related to:
- Information Security
- Artificial Intelligence
- Cloud Security
Should have knowledge of key Saudi regulatory and governance frameworks, including:- NCA Essential Cybersecurity Controls (ECC)
- NCA Cloud Cybersecurity Controls (CCC)
- Saudi Personal Data Protection Law (PDPL)
- SDAIA AI Ethics Framework
- SAMA cybersecurity-related frameworks, where applicable
Must have excellent communication skills in both English and Arabic.