Director, Compliance Engineering | 30566 Engineering,
Infrastructure and Operations Santa Clara, California San Diego,
California Kirkland, Washington
Job Title: Director, Cloud Compliance Engineering
Work matters. It’s where we spend a third of our lives, and
fortunately, the workplace of the future is going to be a great
place. We’re dedicated to bringing that to life for people
everywhere. That’s why we put people at the heart of everything we
People matter. Our people have a passion for learning, building,
and innovating. Whether you’re an engineer, a sales professional, a
finance professional, or anything in-between, our roles aim to
provide each person with meaningful impact and plenty of space to
The Director, Cloud Compliance Engineering, will be responsible
for architecting and defining technical strategy, and leading
program management for the Cloud Compliance Engineering team. This
team’s function includes designing and implementing a common
control framework, deploying and managing control monitoring
testing and automation, and analyzing compliance changes to product
application, platform, and infrastructure for ServiceNow’s cloud
offerings, globally. This role will work collaboratively across
compliance, engineering, sales, operations, privacy, security, and
governance functions to design, build, and execute a world-class
compliance management program while utilizing the ServiceNow
platform. The Director, Cloud Compliance Engineering, will
collaborate with these teams and additional groups across the
company on an ongoing basis, to continuously monitor and ensure
ServiceNow products and services address compliance requirements,
and that controls are designed and operating as intended in the
This role will also define and execute strategy and product
support for customer regulatory and compliance control
capabilities. Based on best-practices defined by the Cloud
Compliance Engineering program, this role will build capabilities
to enable customers to streamline and achieve compliance objectives
when using ServiceNow. Enablement capabilities include cross-group
collaboration and development of trust-related documentation and
tools such as: compliance strategies and approach documentation,
compliant reference architectures, GRC configuration guidelines,
and continuous monitoring design for customer and shared control
responsibilities. This role will report to the Sr. Director of
Cloud Governance, Compliance & Certification.
What you get to do in this role:
Establish best in class processes, operations, engineering &
automation for managing and monitoring compliance at the cloud
Application, Platform, and Infrastructure levels.
Lead strategy and execution of the cloud Common Control
Framework (CCF) and Continuous Control Monitoring (CCM) programs to
address current domains (i.e. Security, Privacy, Quality,
Sustainability and Accessibility) and third party
attestations/certification (i.e. ISO 27001, ISO 27017, ISO 27018,
ISO 27701, SOC 1, SOC 2, NIST 800-53, MTCS, IRAP, German C5 and
Develop and maintain policy and procedures that drives key
Drive compliance onboarding and significant change request
process along with cloud risk management teams to identify new
product applications, features, deployments, and functionality to
ensure timely inclusion in compliance programs and
Evangelize CCF to drive control owner awareness and education to
ensure controls are implemented, maintained and compliant.
Develop and lead new domain/certification ingestion process for
new standards, regulations and/or other requirement sets presented
to address regulated markets, risk mitigation and/or company
Drive efficiency in the compliance process through automation
and rationalizing configuration / code-based compliance controls
over manual process and controls.
Work with engineering teams on new cloud and datacenter
deployments, addressing compliance requirements as part of initial
design and deployment.
In order to be successful in this role, we need someone who
10+ years related experience, with 5+ years of hands on
leadership experience in Governance Risk and Compliance fields.
Deep understanding of commercial certification and attestation
to include SOC 1, SOC2, ISO 27001, ISO 27701, PCI-DSS, HITRUST,
Singapore MTCS, and Australia IRAP
Strong understanding of Federal compliance certifications and
requirements such as NIST 800-53 and FedRAMP is a plus.
Experience and demonstrated understanding of other global cloud
certifications such as German C5, France HDS, France SecNumcloud,
India Meity, and S. Korea K-ISMS is a plus.
Demonstrated ability to build out scalable compliance systems
and processes for complex environments and regulations.
Demonstrated ability to build and lead product development.
Product development around compliance / GRC tooling a plus.
Deep understanding of compliance audit testing and design of
Strong understanding of security and regulatory objectives,
control automation, and building scalable control implementations
for multiple cloud environments a plus.
Self-motivated, self-directed, and able to thrive in a
fast-paced environment with a passion to make an impact.
Ability to work across the organization to evangelize and
influence company compliance efforts.
Demonstrated ability to interface successfully with customers
and engineering teams in critical and challenging audits and
Strong leadership skills, strategy, analytical, problem solving,
decision-making; works under minimum direction.
Prior experience at a SaaS, Paas or IAAS Cloud company.
Master’s degree or related experience; certifications highly
Willing to travel up to 25%+ is required.
EEOE Statement Section
ServiceNow’s EEOE statement is automatically added to each U.S.
based job description.
ServiceNow is an Equal Employment Opportunity Employer. All
qualified applicants will receive consideration for employment
without regard to race, color, religion, sex, sexual orientation,
national origin, age, disability, gender identity, or veteran
status. If you are an individual with a disability and require a
reasonable accommodation to complete any part of the application
process, or are limited in the ability or unable to access or use
this online application process and need an alternative method for
applying, you may contact us at email@example.com
You have been redirected to a ServiceNow job page