Director of Governance, Risk and Compliance Program Management
About The Position
The Director of Governance, Risk and Compliance (GRC) Program Management is responsible for the design, operation, and continuous maturity of the company’s enterprise compliance governance framework. This role enables effective oversight across all compliance programs by establishing consistent governance structures, integrated reporting, and scalable processes supported by ServiceNow IRM. Acting as a central orchestration function, this role partners closely with compliance program owners, Enterprise Risk, Internal Audit, Information Security, Privacy, HR, Legal, and business leaders to ensure compliance programs operate in a coherent, transparent, and audit-ready manner. The Director also serves as the business owner for ServiceNow GRC as it relates to compliance governance and reporting.
Requirements
- 10+ years of experience in governance, risk, compliance, internal audit, or related disciplines within a global, matrixed organization
- Strong functional knowledge of ServiceNow IRM modules, including Risk Management, Policy & Compliance, Issues Management, Audit Management, and Reporting
- Experience operating or managing enterprise GRC frameworks and supporting executive governance committees
- Ability to translate governance and reporting requirements into clear functional specifications for IT and platform teams
- Solid understanding of enterprise GRC data models, taxonomies, and control frameworks
- Demonstrated ability to influence cross-functional stakeholders without direct authority
- Strong analytical skills with the ability to convert data into executive-ready insights
- Highly organized, process-driven, and detail-oriented while maintaining an enterprise-wide strategic perspective
- Excellent written and verbal communication skills in a complex, matrixed environment
- Bachelor’s degree in Business, Risk Management, Information Systems, Legal, or related field; advanced degree preferred
Responsibilities
- Design and continuously enhance the enterprise compliance governance framework (charters, operating models, roles, escalation pathways)
- Align compliance governance with enterprise risk, audit, and security frameworks
- Own governance standards, documentation, and lifecycle management
- Partner with compliance program owners (Privacy, Trade & Sanctions, InfoSec, etc.) to operationalize governance expectations
- Standardize how risks, controls, issues, and remediation activities are defined, measured, and reported
- Provide hands-on guidance for ServiceNow GRC risk assessments, issue management, and evidence tracking
- Serve as the business and governance owner of ServiceNow IRM
- Define taxonomies, workflows, reporting structures, and governance data standards
- Partner with IT to manage enhancements, integrations, roadmap priorities, and platform improvements
- Drive adoption through training, documentation, and stakeholder enablement
- Lead governance and execution of annual compliance training and attestation programs
- Partner with HR, Legal, Compliance, and Learning teams to define regulatory and policy requirements
- Oversee deployment and reporting via enterprise systems (LRN, ServiceNow, LMS integrations)
- Ensure audit-ready evidence, timely completion tracking, and escalation of non-compliance
- Establish and monitor key metrics (completion rates, exceptions, escalations)
- Deliver integrated compliance and risk reporting for governance committees
- Translate complex GRC data into executive-ready insights
- Track actions and follow-through to support governance effectiveness
- Lead communications and change initiatives tied to governance processes and tooling
- Advise senior leaders on governance maturity and risk visibility
- Drive alignment across global, cross-functional teams without direct authority
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
