Senior Security & Risk Management Specialist

Reinsurance Group of America, IncorporatedRemote, Missouri, United States of America, MO
$89,310 - $134,870Remote

About The Position

Under limited supervision, this role acts as a strategic bridge between technical security controls and enterprise compliance and risk requirements as part of a ServiceNow IRM/GRC implementation team supporting the Global Security Office (GSO) and Enterprise Risk initiatives. The primary accountability is for automating, designing, configuring, and sustaining scalable IRM capabilities while adhering to security frameworks within the ServiceNow platform. This position requires practical experience translating regulatory, risk, audit, and compliance requirements into production-ready platform configurations, mappings, workflows, data models, and reporting analytics, not just advisory guidance. This includes requirements validation against user stories, UAT coordination, agile testing support, and release readiness. The role requires a strong analytical and problem-solving approach to operationalize GRC lifecycles—including policy, compliance, risk, audit, and regulatory change management—and to clearly communicate complex IRM concepts and design decisions to both technical teams and business stakeholders. Stakeholder enablement is supported through role-based training, job aids, and awareness communications. Responsibilities include monitoring and evaluation of control, regulatory, and security processes to ensure assurance over global systems and data, leveraging advanced understanding of ServiceNow IRM/Audit functionality, CMDB and entity modeling fundamentals, and an in-depth understanding of ServiceNow platform dependencies and integrations.

Requirements

  • Bachelor’s degree or equivalent experience - Required
  • 4+ years' relevant experience in IT security, privacy, audit, controls and regulatory compliance, or related experience. - Required
  • Deep understanding of ServiceNow platform and its capabilities, dependencies with proficiency in ServiceNow administration and development and architectural requirements with experience in Version(s) after Yokohama - Required
  • ServiceNow GRC framework and process administration (Regulatory Change Management a plus) - Required
  • General knowledge of business and technology operations; ability to work well within a team setting and maintain a high level of confidentiality - Required
  • Intermediate knowledge of global standards and regulations regarding security, privacy, and fraud. - Required
  • Demonstrated ability to learn and stay current on data privacy, data security, and fraud threats and vulnerabilities. - Required
  • Intermediate organizational, planning and task management skills with high attention to detail; ability to adjust to changing priorities and work under tight timelines - Required
  • Intermediate level of investigative, analytical and problem-solving skills; ability to set goals, communicate expected outcomes and liaise with individuals across a variety of functions and levels - Required
  • Excellent customer service skills; ability to balance multiple priorities, deadlines and deliverables while maintaining a positive attitude - Required
  • Intermediate oral and written communication skills; ability to convey information in a clear and concise manner and provide regular proactive updates to team members, key stakeholders, and mid-level management - Required
  • Quick to adapt to new methods; ability to be flexible when needed, take initiative and demonstrate accountability - Required
  • ServiceNow Expertise as GRC Admin or GRC/IRM implementation analyst OR ServiceNow University GRC: Integrated Risk Management (IRM) Implementer - Required
  • Strong understanding of GRC Lifecycles management (Policy, Controls, Audit, Risk, Regulatory Change Management, Advance Risk and Advance Audit) - Required
  • Strong understanding of Reporting, Dashboards, and workspace within ServiceNow - Required
  • Understanding of Regulatory tool integrations with ServiceNow
  • Strong understanding of Entities/CMDB within ServiceNow - Required
  • Microsoft Office application experience (Excel, Word, Visio, Teams, SharePoint) - Required
  • Familiarity with IT and security systems - Required
  • Knowledge of applicable regulations such as Sarbanes-Oxley, DORA, NY DFS, GLBA, GDPR etc.- Required

Nice To Haves

  • Master's degree or professional industry certification - Preferred
  • Insurance/Reinsurance industry experience or certifications - Preferred
  • Information security, privacy, compliance, risk or audit professional certifications, such as: SSCP, CIPP, CISA and Security+ - Preferred
  • Intermediate understanding of domestic and global security & regulations - Preferred
  • IT Control Frameworks including NIST CSF/P, NIST AI, COBIT, ITIL, ISO 27001/27002, CIS, etc. - Preferred
  • Knowledge of risk assessment methods - Preferred
  • Information security, privacy, compliance, risk or audit professional certifications, such as: SSCP and Security+ - Preferred
  • Experience reviewing SOC1 and SOC2 attestations - Preferred
  • Project management skills/experience - Preferred
  • Power-BI Experience for reporting, queries and creating dashboards - Preferred

Responsibilities

  • Work with functional and technical requirements to design and implement within ServiceNow Enterprise IRM Application and automate where possible.
  • Support and maintain ongoing processes for the Enterprise IRM Application with scope, product, and operational changes/maintenance.
  • Capture, support, and validate requirements to technical developers and move along deployment lifecycle including user acceptance testing and agile testing, assuring alignment between stories and stakeholders and taking processes into features/requirements for implementations.
  • Understand dependencies as aligned to ServiceNow architectural requirements.
  • Collaborate with compliance, security and risk professionals on projects related to compliance with Security Frameworks (NIST CSF/SOX/DORA) and other regulations.
  • Develop and administer just-in-time training and awareness campaigns for various IRM/GRC groups within the company.
  • Provide process improvement recommendations to mitigate risk, meet business obligations, and regulatory requirements.
  • Facilitate incoming audits and assessments, coordinate discussions with appropriate owners and business stakeholders, and follow up on any remediation activities identified to meet associated due dates to ensure timely completion.
  • Participate in the development of policies, standards, controls, procedures, and security and privacy audits and assessments.
  • Structure, scope, and compile data to support reporting.
  • Performs other duties as assigned.

Benefits

  • annual bonus plan
  • long-term equity incentive plan
  • full range of health, retirement, and other employee benefits
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service