Process Improvement Consultant - ServiceNow/Risk & Control Self‑Assessment

About The Position

Requirements

• Successful candidates must demonstrate appropriate knowledge, skills, and abilities for a role.
• Roles at this level typically require a university / college degree, with 3+ years of relevant / direct industry experience.
• Certifications are often desired.
• In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Nice To Haves

• Experience supporting Risk & Control Self‑Assessments (RCSA) within ITSM environments, including risk identification, inherent and residual risk assessment, control mapping, and issue remediation in alignment with enterprise risk frameworks.
• Hands‑on experience leveraging ServiceNow ITSM modules (Incident, Change, Problem, CMDB, etc.) and enterprise GRC tools (e.g., Archer) to document risks, controls, evidence, and metrics with precision and consistency.
• Ability to design, document, and assess control effectiveness, perform control evidence reviews, identify gaps, and track remediation efforts in collaboration with Internal Audit and Second Line Risk teams.
• Technical writing skills with experience producing clear, audit‑ready documentation such as risk statements, control narratives, RCSA summaries, dashboards, and executive‑level risk reporting aligned to regulatory and policy standards.
• Exceptional attention to detail and communication skills, with the ability to analyze KRIs/KPIs, identify trends and emerging risks, and partner effectively across ITSM process owners, Risk Management, Audit, and Governance stakeholders at varying levels of seniority.
• Change Management
• Corporate Governance
• Data Analytics
• IT Service Management (ITSM)
• Key Performance Indicators (KPI)
• Process Efficiencies
• Process Improvements
• Risk Assessments
• RSA Archer
• ServiceNow Platform
• Analytical Thinking
• Consulting
• Effective Communications
• Flexibility and Adaptability
• Influencing
• Organizational Change Mgt
• Organizational Savvy and Politics
• Problem Solving
• Project Management

Responsibilities

• Support execution of ITSM RCSA cycles, including risk identification, inherent risk assessment, control mapping, and residual risk evaluation.
• Partner with ITSM process owners (Incident, Problem, Knowledge, Change, Asset, Configuration, Request, etc.) to: Identify key operational and technology risks Document risks in enterprise risk tools (e.g., Archer, GRC platforms) Maintain risk statements, causes, impacts, and control relationships in accordance with enterprise risk taxonomy.
• Document and maintain key controls aligned to ITSM processes and regulatory / policy expectations.
• Perform control design and operational effectiveness assessments, including: Control evidence review Gap identification and remediation tracking Support issue management for control deficiencies, audit findings, and risk events. Coordinate with Internal Audit and Second Line Risk during reviews and validations.
• Develop, maintain, and report ITSM risk metrics, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs) Ensure metrics are Enterprise‑sourced, well-defined with thresholds and escalation criteria, aligned to ITSM control objectives Analyze trends, breaches, and emerging risks; provide clear executive‑level summaries and visualizations.
• Prepare RCSA summaries, control status reports, and metric dashboards for management and risk committees. Support regulatory, audit, and compliance responses related to ITSM risk and controls. Ensure ongoing alignment with enterprise risk frameworks, policies, and standards.
• Identify opportunities to enhance ITSM risk coverage, control maturity, and metric quality. Drive consistency and standardization across ITSM processes for risk and control documentation. Promote a risk‑aware culture within ITSM teams.

Benefits

• PNC offers a comprehensive range of benefits to help meet your needs now and in the future.
• Depending on your eligibility, options for full-time employees include: medical/prescription drug coverage (with a Health Savings Account feature), dental and vision options; employee and spouse/child life insurance; short and long-term disability protection; 401(k) with PNC match, pension and stock purchase plans; dependent care reimbursement account; back-up child/elder care; adoption, surrogacy, and doula reimbursement; educational assistance, including select programs fully paid; a robust wellness program with financial incentives.
• In addition, PNC generally provides the following paid time off, depending on your eligibility: maternity and/or parental leave; up to 11 paid holidays each year; 9 occasional absence days each year, unless otherwise required by law; between 15 to 25 vacation days each year, depending on career level; and years of service.
• To learn more about these and other programs, including benefits for full time and part-time employees, visit pncthrive.com .