[Remote] Senior Information Security Engineer
Note: The job is a remote job and is open to candidates in USA. Prodware Solutions is a company focused on integrating ServiceNow and Governance, Risk, and Compliance (GRC) solutions. They are seeking a Senior Information Security Engineer to lead the implementation of ServiceNow Integrated Risk Management and Third-Party Risk Management modules, focusing on translating business requirements into scalable configurations and supporting end-to-end implementation activities.
Responsibilities
- This individual will serve as GRC ServiceNow Implementation Lead for the implementation/execution of Snow IRM and TPRM modules used by the cyber GRC teams
- They will be responsible for working with GRC and other internal teams (and the implementation partner) to provide input into functional design, configuration, and rollout of ServiceNow Integrated Risk Management and Third-Party Risk Management capabilities in alignment with enterprise GRC processes and objectives
- The role leads the translation of business requirements into scalable platform configurations by converting policies into control logic, risk appetite into scoring models, and regulatory requirements into workflow-driven processes
- They support end-to-end implementation activities, including configuring risk frameworks, control structures, third-party lifecycles, and issue management processes, while overseeing workflow design, approvals, routing, and reporting capabilities
- The role also contributes to testing and validation efforts by supporting user acceptance testing, identifying and triaging configuration issues, and ensuring quality and consistency across modules
- Additionally, the individual may document design decisions, configuration rationale, and operating procedures to support long-term sustainability and audit readiness, while serving as a key liaison across cyber risk, compliance, audit, and technology teams to ensure cohesive delivery of IRM and TPRM capabilities
Skills
- 3–5 or more years of hands-on experience implementing ServiceNow Integrated Risk Management (IRM) and TPRM solutions
- Direct exposure to Risk Management, Policy and Compliance, Issue Management, and Third-Party Risk Management (TPRM) capabilities
- Broader Governance, Risk, and Compliance (GRC) experience in areas such as cyber risk, regulatory compliance, audit, or third-party risk
- Strong understanding of frameworks such as NIST, ISO 27001, SOC, and SOX
- Familiarity with first-, second-, and third-line operating models
- Ability to translate business and regulatory requirements into scalable system configurations
- Strong functional implementation experience, including leading design workshops, advising on out-of-the-box versus customized solutions, supporting user acceptance testing, and triaging configuration issues
- Solid knowledge of the ServiceNow platform, including data models, workflows, reporting, and access controls
- Comfortable documenting design decisions and operating procedures
- Effective communication with cross-functional stakeholders across GRC, IT, audit, and vendor management teams
- Knowledge of ServiceNow is more important than GRC but both are required
- Any ServiceNow training would be good to have
- CISA or C-risk certifications are preferred
Company Overview
Company H1B Sponsorship