Information Security Consultant

Job Summary

Working remotely on a 12+ month contract, the Information Security Consultant will lead the implementation of ServiceNow Integrated Risk Management and Third-Party Risk Management modules, translating business requirements into scalable configurations and overseeing end-to-end implementation activities.

Key responsibilities

• Serve as GRC ServiceNow Implementation Lead, collaborating with internal teams to design, configure, and roll out ServiceNow modules
• Translate business and regulatory requirements into scalable platform configurations, including risk frameworks and workflows
• Support user acceptance testing and documentation of design decisions and operating procedures to ensure quality and audit readiness

Required qualifications

• 3-5 years of hands-on experience with ServiceNow Integrated Risk Management and Third-Party Risk Management solutions
• Strong understanding of Governance, Risk, and Compliance frameworks such as NIST, ISO 27001, SOC, and SOX
• Experience in translating business requirements into system configurations and workflows
• Solid knowledge of the ServiceNow platform, including data models, workflows, and reporting
• Ability to effectively communicate with cross-functional stakeholders across GRC, IT, audit, and vendor management teams