The ServiceNow GRC / IRM Architect serves as the senior-most technical authority for the organisation's ServiceNow Integrated Risk Management (IRM) and Governance, Risk & Compliance (GRC) ecosystem. This role is responsible for designing, implementing, and governing scalable, enterprise-grade solutions that protect the business, satisfy global regulators, and provide leadership with real-time risk intelligence.
The Architect will act as a strategic partner to Risk, Audit, Legal, Privacy, and CISO functions — driving a multi-year roadmap to automate and modernise the GRC programme, and embedding AI-driven risk capabilities across the platform.
2.1 Platform Architecture & Design
- Serve as the authoritative solution architect for the ServiceNow IRM/GRC platform — leading end-to-end design and delivery across Policy & Compliance, Risk Management, Audit Management, Issues Management, Vendor Risk, BCM, and AI Control Tower
- Define and maintain the enterprise IRM architecture and multi-year technology roadmap aligned to the organisation's regulatory strategy and risk appetite
- Ensure all solutions are scalable, secure, compliant, and aligned with ServiceNow platform best practices and CSDM / CMDB data models
- Minimise customisation; drive OOTB adoption and enforce architectural governance throughout the implementation lifecycle
2.2 Risk & Compliance Programme Design
- Design enterprise risk frameworks including risk registers, control libraries, risk appetite statements, and automated control testing workflows
- Architect third-party / vendor risk management programmes — assessment workflows, scorecards, continuous monitoring, and due diligence processes
- Configure and govern the AI Control Tower module for AI model risk management, AI inventory, and AI governance controls aligned to EU AI Act, DORA, and SEC requirements
- Own the BCM / DR module blueprint — integrating risk assessment workflows with operational recovery planning to strengthen organisational resilience
2.3 Integration & Technical Delivery
- Define integration strategies with SIEM/SOAR tools (Splunk, Microsoft Sentinel), vulnerability management platforms (Qualys, Tenable), ERP systems (SAP), and identity platforms
- Architect integrations with the ServiceNow SecOps suite — Vulnerability Response and Security Incident Response — to create a unified cyber-risk posture
- Ensure control-to-asset accuracy via CMDB / CSDM alignment and service mapping
2.4 Stakeholder Engagement & Leadership
- Lead GRC workshops, design sessions, and architecture reviews with Audit, Legal, Privacy, Risk, and CISO stakeholders
- Act as a trusted advisor to senior client and executive stakeholders on GRC and risk transformation initiatives
- Mentor GRC developers and consultants; conduct code and design reviews; set development standards
3.1 Education
- Bachelor's degree in Information Technology, Computer Science, Information Security, Risk Management, or a related field (required)
- Master's degree (MBA, MSc Cybersecurity, or MSc Risk Management) is strongly preferred for Principal-level roles
3.2 Experience
- 10–14 years of total professional experience in IT, with a minimum of 5 years of hands-on ServiceNow IRM / GRC implementation experience
- Demonstrated experience as a lead or architect on a minimum of 2 enterprise-scale GRC / IRM implementations, covering multiple modules
- 2–3 years in a lead or architect capacity, with accountability for solution design and delivery governance
- Prior experience in regulated industries is strongly preferred:
  - Banking, Financial Services & Insurance (BFSI)
  - Healthcare / Life Sciences
  - Defence & Government
  - Energy & Utilities
- Experience migrating from legacy GRC platforms (RSA Archer, MetricStream, ServiceNow SRM) is advantageous
4.1 ServiceNow IRM / GRC Modules
- Policy & Compliance Management — policy libraries, control frameworks, attestation campaigns
- Risk Management — risk registers, scoring models, heat maps, risk appetite configuration
- Audit Management — audit planning, engagements, findings, workpapers, audit universe
- Issues Management — issue tracking, remediation workflows, exception handling
- Vendor / Third-Party Risk Management — vendor assessments, scorecards, continuous monitoring
- Business Continuity Management (BCM) — BIA, business continuity plans, DR workflows
- AI Control Tower — AI model governance, AI inventory, model risk controls
- Operational Resilience — critical service mapping, impact analysis, DORA compliance workflows
4.2 Platform & Scripting
- ServiceNow scripting: Business Rules, Client Scripts, Script Includes, UI Policies, Flow Designer, IntegrationHub
- Scoped applications, domain separation, ACL design, and security model configuration
- CMDB / CSDM data model alignment and service mapping for risk-to-service linkage
- Performance Analytics, GRC Dashboards, Workspaces, and Employee-facing Portals
- NowAssist / GenAI integration within GRC workflows; AI-driven risk prediction configuration
4.3 Integrations
- REST, SOAP, MID Server, and IntegrationHub spokes for GRC data flows
- SIEM platforms: Splunk, Microsoft Sentinel
- Vulnerability management: Qualys, Tenable / Nessus
- ERP integration: SAP GRC, Oracle
- Identity & access management platforms (Active Directory, Okta, SailPoint)
| Status | Certification | Issuing Body |
|---|---|---|
| Required | CIS - Risk & Compliance (GRC) | ServiceNow |
| Preferred | Certified System Administrator (CSA) | ServiceNow |
| Preferred | Certified Technical Architect (CTA) | ServiceNow |
| Preferred | CIS - Vendor Risk Management | ServiceNow |
| Preferred | CRISC - Certified in Risk & Information Systems Control | ISACA |
| Preferred | CISA - Certified Information Systems Auditor | ISACA |
| Preferred | CISSP / CISM | ISC2 / ISACA |
| Preferred | ISO 27001 Lead Implementer | CQI / BSI / PECB |
| Preferred | ITIL v4 Foundation | Axelos |
6. BEHAVIOURAL COMPETENCIES
- Strategic Thinking: Translates complex regulatory requirements and enterprise risk strategy into actionable ServiceNow architecture decisions
- Stakeholder Influence: Engages effectively with CISO, CRO, General Counsel, and Board-level stakeholders on GRC risk posture and programme maturity
- Technical Leadership: Mentors developers and consultants; sets standards, conducts reviews, and drives a culture of platform governance
- Communication: Presents complex risk and compliance topics clearly for non-technical audiences; produces high-quality architecture documentation
- Problem Solving: Navigates ambiguous regulatory requirements and translates them into scalable, OOTB-aligned platform solutions
- Continuous Learning: Stays current on the evolving regulatory landscape (DORA, EU AI Act, SEC rules) and the ServiceNow IRM product roadmap