61939: Adv-IT Gov, Risk & Compliance

POSITION OVERVIEW:

Responsible for administering, maintaining, and enhancing the Enterprise Policy, Standards, and Controls Framework. Coordinates with content owners, manager intake and approval workflows, and support exception processes to maintain strong governance across the enterprise.

ESSENTIAL JOB DUTIES/RESPONSIBILITIES:

• Administer and maintain the InfoSec Policy, Standards, and Controls Framework.
• Manage the end-to-end intake, review, and approval workflow for new or updated policies, standards, and controls.
• Coordinate updates with designated content owners and ensure timely publication and version tracking.
• Ensure governance artifacts align with regulatory requirements, security best practices, and internal risk posture.
• Oversee and process standards exception requests, ensuring requests are well-documented, risk-assessed, and routed appropriately for approval.
• Track exception lifecycle, communicate status to stakeholders, and ensure mitigation plans or compensating controls are captured.
• Identify where AI suggestions require clarification, correction, or escalation
• Partner with the security assessment resources to improve the quality and consistency of AI-assisted outputs.
• Serve as a key point of contact for inquiries related to policies, standards, and control requirements.
• Build strong relationships with content owners, SMEs, risk teams, and operational partners.
• Communicate changes in governance documentation clearly and effectively to impacted stakeholders.
• Support training, awareness, and documentation initiatives to increase organizational understanding of InfoSec Policies, Standards and Controls.
• Help improve workflows, templates, and governance processes for efficiency and scalability.
• Leverage ServiceNow workflows-to track requests, manage documentation, and improve transparency.
• Partner with platform teams to refine the use of AI/automation within the governance process.
• Comply with all applicable laws/regulations, as well as company policies/procedures.
• Perform other duties as assigned.

Disclaimer: This job description is general in nature and is not designed to contain or to be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to the job.

QUALIFICATIONS:

• Bachelor's Degree/Equivalent in Business, Computer Science, Information Systems or related field
• Five (5) years of experience in information security or governance risk and compliance environment.

• Experience in Information Security, Governance, Risk, and Compliance (GRC), IT Risk Management, Compliance, or similar roles.
• Ability to interpret and work with Information Security policies, standards, and control language.
• Effective communication and people skills; comfortable working with diverse stakeholders including technical SMEs, leadership, and auditors.
• Familiarity with AI concepts and the ability to review, validate, and improve AI-generated assessments.
• Strong organizational skills with diligence and ability to manage multiple concurrent efforts.
• Experience working with ServiceNow GRC/IRM (Integrated Risk Management) modules.
• Experience performing control assessments, risk evaluations, or compliance reviews using NIST CSF 2.0 framework.
• Familiarity with control lifecycle management (creation, mapping, attestation, testing, remediation tracking).
• Experience coordinating with auditors, risk owners, or control owners in a structured GRC environment.
• Understanding of the relationships between risks, controls, mitigation plans, exceptions, and compliance obligations.
• Experience working in organizations with maturing GRC programs.

Strong experience supporting enterprise governance, risk, and compliance programs, with the ability to manage policy, standards, and exception processes in a structured environment. Demonstrated skill in working across teams, improving governance processes, developing metrics and evaluating emerging technologies (including AI) to enhance accuracy, consistency, and efficiency.

JOB CONDITIONS:

• Some travel required

Pay Transparency:
The compensation listed reflects the pay range or rate of pay reasonably expected for this posted position at the posted location(s). If this opportunity includes multiple job levels, the pay information represents the minimum and maximum range for all levels. Actual pay is determined by job-related factors permitted by law and relevant to the position, such as experience, tenure, market level, pay at the location for this job, performance, schedule, and work assignment. Eligible employees offered health, vision, dental, life, AD&D, STD and LTD insurance, employee assistance program, personal/sick paid time, 401(k) retirement savings plan, bonus potential, tuition reimbursement, adoption assistance, 2 weeks paid parental leave, paid bereavement, employee discounts, 6.67-13.34 hours vacation per month based on service time, 8 paid holidays.

Pay Range: $83,799.00 - $160,894.00 per year

Colorado Pay Ranges: Colorado Springs, Grand Junction $89,665 - $143,465; Henderson, Mead $94,693 - $151,509; Gypsum $100,559 - $160,894

Illinois Pay Ranges: Effingham, Kankakee, Lincoln, Quincy, Rockford, Aurora $89,665 - $143,465; Bolingbrook, Chicago Heights, Des Plaines, Elmhurst, Forest View, Joliet, Schaumburg, Summit-Argo, Zion $100,559 - $160,894

New York Pay Ranges: Plattsburgh, Buffalo, Watertown, North Chili, East Syracuse, Nichols $89,665 - $143,465; Bethpage, Montgomery, West Babylon $100,559 - $160,894

New Jersey Job Postings: $83,799.00 - $130,727.00 per year
This compensation range is a reasonable estimate of the current starting pay range in NJ. If this opportunity includes multiple job levels, the range is a reasonable estimate of the current starting salary for the lowest level to the current starting salary of the highest level. Actual starting pay is determined by experience relative to the job, market level, specific location and other job-related factors permitted by law. Regular full & part-time employees (who complete 91 days of employment and work a minimum average of 12 hours per week) are eligible to enroll in medical, dental, and/or vision coverage, tuition reimbursement. Full/part-time employees who are age 21 are eligible for 401(k) after one month of employment.