Process Improvement Consultant - ServiceNow/Risk & Control Self‑Assessment

About The Position

Requirements

• Experience supporting Risk & Control Self‑Assessments (RCSA) within ITSM environments, including risk identification, inherent and residual risk assessment, control mapping, and issue remediation in alignment with enterprise risk frameworks.
• Hands‑on experience leveraging ServiceNow ITSM modules (Incident, Change, Problem, CMDB, etc.) and enterprise GRC tools (e.g., Archer) to document risks, controls, evidence, and metrics with precision and consistency.
• Ability to design, document, and assess control effectiveness, perform control evidence reviews, identify gaps, and track remediation efforts in collaboration with Internal Audit and Second Line Risk teams.
• Technical writing skills with experience producing clear, audit‑ready documentation such as risk statements, control narratives, RCSA summaries, dashboards, and executive‑level risk reporting aligned to regulatory and policy standards.
• Exceptional attention to detail and communication skills, with the ability to analyze KRIs/KPIs, identify trends and emerging risks, and partner effectively across ITSM process owners, Risk Management, Audit, and Governance stakeholders at varying levels of seniority.
• Customer Focused - Knowledgeable of the values and practices that align customer needs and satisfaction as primary considerations in all business decisions and able to leverage that information in creating customized customer solutions.
• Managing Risk - Assessing and effectively managing all of the risks associated with their business objectives and activities to ensure they adhere to and support PNC's Enterprise Risk Management Framework.
• University / college degree, with 3+ years of relevant / direct industry experience.
• In lieu of a degree, a comparable combination of education, job specific certification(s), and experience (including military service) may be considered.

Nice To Haves

• Change Management
• Corporate Governance
• Data Analytics
• IT Service Management (ITSM)
• Key Performance Indicators (KPI)
• Process Efficiencies
• Process Improvements
• Risk Assessments
• RSA Archer
• ServiceNow Platform

Responsibilities

• Support execution of ITSM RCSA cycles, including risk identification, inherent risk assessment, control mapping, and residual risk evaluation.
• Partner with ITSM process owners (Incident, Problem, Knowledge, Change, Asset, Configuration, Request, etc.) to identify key operational and technology risks, document risks in enterprise risk tools (e.g., Archer, GRC platforms), and maintain risk statements, causes, impacts, and control relationships in accordance with enterprise risk taxonomy.
• Document and maintain key controls aligned to ITSM processes and regulatory / policy expectations.
• Perform control design and operational effectiveness assessments, including control evidence review, gap identification and remediation tracking.
• Support issue management for control deficiencies, audit findings, and risk events.
• Coordinate with Internal Audit and Second Line Risk during reviews and validations.
• Develop, maintain, and report ITSM risk metrics, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
• Ensure metrics are Enterprise‑sourced, well-defined with thresholds and escalation criteria, aligned to ITSM control objectives.
• Analyze trends, breaches, and emerging risks; provide clear executive‑level summaries and visualizations.
• Prepare RCSA summaries, control status reports, and metric dashboards for management and risk committees.
• Support regulatory, audit, and compliance responses related to ITSM risk and controls.
• Ensure ongoing alignment with enterprise risk frameworks, policies, and standards.
• Identify opportunities to enhance ITSM risk coverage, control maturity, and metric quality.
• Drive consistency and standardization across ITSM processes for risk and control documentation.
• Promote a risk‑aware culture within ITSM teams.

Benefits

• medical/prescription drug coverage (with a Health Savings Account feature)
• dental and vision options
• employee and spouse/child life insurance
• short and long-term disability protection
• 401(k) with PNC match
• pension and stock purchase plans
• dependent care reimbursement account
• back-up child/elder care
• adoption, surrogacy, and doula reimbursement
• educational assistance, including select programs fully paid
• a robust wellness program with financial incentives
• maternity and/or parental leave
• up to 11 paid holidays each year
• 9 occasional absence days each year, unless otherwise required by law
• between 15 to 25 vacation days each year, depending on career level; and years of service.