Shi
Product Manager - ServiceNow GRC & SecOps
Company
Role
Product Manager - ServiceNow GRC & SecOps
Location
United States of America
Job type
Full-time
Found on Mokaru
Yesterday
Salary
Job description
About Us
Since 1989, SHI International Corp. has helped organizations change the world through technology. We’ve grown every year since, and today we’re proud to be a $16 billion global provider of IT solutions and services.
Over 17,000 organizations worldwide rely on SHI’s concierge approach to help them solve what’s next. But the heartbeat of SHI is our employees – all 7,000 of them. If you join our team, you’ll enjoy:
Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.
Continuous professional growth and leadership opportunities.
Health, wellness, and financial benefits to offer peace of mind to you and your family.
World-class facilities and the technology you need to thrive – in our offices or yours.
Job Summary
The ServiceNow GRC (IRM) & SecOps Product Manager is responsible for defining and driving the strategy, roadmap, governance, and adoption of ServiceNow Integrated Risk Management (IRM/GRC) and Security Operations (SecOps) capabilities. This role partners across Security, Risk, Compliance, Audit, and IT teams to deliver scalable solutions that improve risk visibility, regulatory compliance, vulnerability management, and overall cyber resilience.Role Description
Own and manage the ServiceNow IRM/GRC and SecOps product roadmap, ensuring alignment with the enterprise risk and security strategy.
Drive adoption and maturity of key capabilities, including:
Policy & Compliance
Risk Management
Audit Management
Business Continuity Management (BCM)
Third-Party Risk Management (TPRM)
Vulnerability Response
Security Incident Response
Threat Intelligence
Partner with Security, GRC, Audit, IT Operations, and Platform teams to define requirements and prioritize enhancements.
Lead governance forums, stakeholder workshops, and executive reviews.
Translate business and regulatory requirements into user stories and product backlog items.
Ensure integration across CMDB, vulnerability tools, threat intelligence platforms, and third-party systems.
Drive process standardization, automation, and continuous improvement across risk and security workflows.
Define and monitor KPIs related to compliance, risk reduction, security response, and remediation SLAs.
Develop dashboards and reporting to provide leadership visibility and support audit transparency.
Promote adoption of advanced capabilities, including AI-driven risk scoring, automation, and continuous control monitoring.
Behaviors and Competencies
Business Acumen: Can analyze financial and operational data to make informed decisions.
Communication: Can effectively communicate complex ideas and information, and can adapt communication style to the audience.
Follow-Through: Can manage multiple tasks, prioritize effectively, and meet deadlines without needing explicit reminders.
Organization: Can prioritize daily tasks, manage personal workflow, and utilize basic tools to keep track of responsibilities.
Detail-Oriented: Can identify errors or inconsistencies in work and make necessary corrections.
Data Analysis: Can identify patterns and trends in data, propose hypotheses, and use statistical techniques to test them
Problem-Solving: Can identify problems, propose solutions, and take action to resolve them without explicit instructions.
Multi-Tasking: Can identify opportunities for task optimization, propose solutions, and manage multiple tasks without explicit instructions.
Strategic Thinking: Can contribute to the development of strategic plans and initiatives.
Willingness to Learn: Can actively seek out learning opportunities but may need guidance to apply new knowledge or skills effectively.
Time Management: Can generally use time effectively and is working towards improving task prioritization and deadline management.
Skill Level Requirements
Strong understanding of risk frameworks and security operations processes.
Proven ability to manage cross-functional stakeholders and communicate effectively with executive leadership.
Strategic, outcome-driven mindset with a focus on delivering measurable business value.
Strong stakeholder management and communication skills.
Governance and compliance-oriented approach.
Data-driven decision-making capabilities.
Ability to balance security, risk, and business priorities.
Other Requirements
Completed Bachelor’s Degree or relevant work experience required
8+ years of experience in risk management, compliance, cybersecurity, or security operations.
3+ years of experience with ServiceNow IRM/GRC and/or SecOps product ownership or product management.
Experience leading enterprise-scale ServiceNow or GRC/SecOps transformation initiatives.
Ability to travel to SHI, Partner, and Customer Events
Ability to travel 25%
Preferred
ServiceNow certifications such as: CIS-IRM, CIS-SecOps, CSA
Experience with CMDB, vulnerability management tools, SIEM platforms, and TPRM solutions.
Familiarity with regulatory frameworks such as SOX, ISO, NIST, GDPR, or HIPAA.
Exposure to AI/GenAI capabilities within risk and security operations.
The estimated annual pay range for this position is $150,000 - $180,000 which includes a [compensation structure]. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
Equal Employment Opportunity – M/F/Disability/Protected Veteran Status
