Director, Compliance Engineering

Servicenow San Diego , CA 92140

Posted 2 months ago

Job Title: Director, Cloud Compliance Engineering


Work matters. It's where we spend a third of our lives, and fortunately, the workplace of the future is going to be a great place. We're dedicated to bringing that to life for people everywhere. That's why we put people at the heart of everything we do.

People matter. Our people have a passion for learning, building, and innovating. Whether you're an engineer, a sales professional, a finance professional, or anything in-between, our roles aim to provide each person with meaningful impact and plenty of space to grow.


The Director, Cloud Compliance Engineering, will be responsible for architecting and defining technical strategy, and leading program management for the Cloud Compliance Engineering team. This team's function includes designing and implementing a common control framework, deploying and managing control monitoring testing and automation, and analyzing compliance changes to product application, platform, and infrastructure for ServiceNow's cloud offerings, globally. This role will work collaboratively across compliance, engineering, sales, operations, privacy, security, and governance functions to design, build, and execute a world-class compliance management program while utilizing the ServiceNow platform. The Director, Cloud Compliance Engineering, will collaborate with these teams and additional groups across the company on an ongoing basis, to continuously monitor and ensure ServiceNow products and services address compliance requirements, and that controls are designed and operating as intended in the environment.

This role will also define and execute strategy and product support for customer regulatory and compliance control capabilities. Based on best-practices defined by the Cloud Compliance Engineering program, this role will build capabilities to enable customers to streamline and achieve compliance objectives when using ServiceNow. Enablement capabilities include cross-group collaboration and development of trust-related documentation and tools such as: compliance strategies and approach documentation, compliant reference architectures, GRC configuration guidelines, and continuous monitoring design for customer and shared control responsibilities. This role will report to the Sr. Director of Cloud Governance, Compliance & Certification.

What you get to do in this role:

  • Establish best in class processes, operations, engineering & automation for managing and monitoring compliance at the cloud Application, Platform, and Infrastructure levels.

  • Lead strategy and execution of the cloud Common Control Framework (CCF) and Continuous Control Monitoring (CCM) programs to address current domains (i.e. Security, Privacy, Quality, Sustainability and Accessibility) and third party attestations/certification (i.e. ISO 27001, ISO 27017, ISO 27018, ISO 27701, SOC 1, SOC 2, NIST 800-53, MTCS, IRAP, German C5 and more).

  • Develop and maintain policy and procedures that drives key activities.

  • Drive compliance onboarding and significant change request process along with cloud risk management teams to identify new product applications, features, deployments, and functionality to ensure timely inclusion in compliance programs and certifications.

  • Evangelize CCF to drive control owner awareness and education to ensure controls are implemented, maintained and compliant.

  • Develop and lead new domain/certification ingestion process for new standards, regulations and/or other requirement sets presented to address regulated markets, risk mitigation and/or company forward thinking.

  • Drive efficiency in the compliance process through automation and rationalizing configuration / code-based compliance controls over manual process and controls.

  • Work with engineering teams on new cloud and datacenter deployments, addressing compliance requirements as part of initial design and deployment.

In order to be successful in this role, we need someone who has:

  • 10+ years related experience, with 5+ years of hands on leadership experience in Governance Risk and Compliance fields.

  • Deep understanding of commercial certification and attestation to include SOC 1, SOC2, ISO 27001, ISO 27701, PCI-DSS, HITRUST, Singapore MTCS, and Australia IRAP

  • Strong understanding of Federal compliance certifications and requirements such as NIST 800-53 and FedRAMP is a plus.

  • Experience and demonstrated understanding of other global cloud certifications such as German C5, France HDS, France SecNumcloud, India Meity, and S. Korea K-ISMS is a plus.

  • Demonstrated ability to build out scalable compliance systems and processes for complex environments and regulations.

  • Demonstrated ability to build and lead product development. Product development around compliance / GRC tooling a plus.

  • Deep understanding of compliance audit testing and design of tests.

  • Strong understanding of security and regulatory objectives, control automation, and building scalable control implementations for multiple cloud environments a plus.

  • Self-motivated, self-directed, and able to thrive in a fast-paced environment with a passion to make an impact.

  • Ability to work across the organization to evangelize and influence company compliance efforts.

  • Demonstrated ability to interface successfully with customers and engineering teams in critical and challenging audits and conversations.

  • Strong leadership skills, strategy, analytical, problem solving, decision-making; works under minimum direction.

  • Prior experience at a SaaS, Paas or IAAS Cloud company.

  • Master's degree or related experience; certifications highly regarded.

  • Willing to travel up to 25%+ is required.

EEOE Statement Section

ServiceNow's EEOE statement is automatically added to each U.S. based job description.

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Director Of Design / Engineering Services

Encore Semi, Inc.

Posted 3 days ago

VIEW JOBS 9/15/2020 3:26:08 PM 2020-12-14T15:26 <strong>Director of Design Services</strong><br />  <br /> <strong>Overview:</strong><br /> Encore Semi is a rapidly growing and highly successful engineering services company. It provides highly talented teams of experts that are collaborating with customers in challenging projects, in the area of SoC and embedded software life-cycle. Our focus and promise is to provide high-value to customers, through acceleration, performance improvement, training, optimization, risk mitigation or other high-impact metrics. Headquarters in San Diego, Encore Semi has a large portfolio of Tier-1 customers across the North America territory. In order to support the growing demand for advanced Design Services, Encore Semi is hiring a Director of Design Services, directly reporting to the CEO/COO of the company. This position is located in San Diego, Bay Area or Austin and may require some travel within North America.<br />  <br /> <strong>Responsibilities:</strong><br /> The Director of Design Services is an executive technical management position leading the whole company’s Design Services. It includes the following services:<br /> - System level Architectural definition<br /> - Analog/Mixed-Signal Circuit design and validation<br /> - RF Design and Validation<br /> - Digital IP design<br /> - Physical Design (RTL to GDSII)<br /> - DFT / DFx<br /> - CAD / Custom Layout<br />  <br /> <strong>Responsibilities include:</strong><br /> • Provide technical leadership in the field of responsibility<br /> • Drive the overall growth for the Design Service department<br /> • Manage, motivate and coordinate all the engineering resources of the department<br /> • Lead technical interactions with customers and provide technical support for sales and operations<br /> • Shape appealing engineering service proposals to match specific customer’s needs<br /> • Characterize customer projects to identify resource and timeline allocations leveraging Encore Semi’s strengths<br /> • Work with the HR/recruiting team to attract, qualify and train skilled engineers to expand the pool of expert resources<br /> • Continuously contribute to the definition and development of collaterals and activities to strengthen the company’s technical know-how on strategic selected fields as well as improving employees’ retention rate<br />  <br /> <strong>Qualifications / Experience:</strong><br /> • Successful 10+ years of hands-on design experience with proven successful tape-outs<br /> • Solid reputation in the field of responsibility, including published papers and/or patents<br /> • At least 5 years of experience in managing direct reports, ideally in multiple locations<br /> • Technically up to date and ability to rapidly learn new technologies, new tools and new methodologies required to maintain high technical credibility with customers and employees<br />  <br /> <strong>This strategic position requires solid knowledge and experience in the following technology domains:</strong><br /> - Physical Design (RTL to GDSII)<br /> - High-Speed Analog/Mixed-Signal/RF Circuit Design<br /> - High-speed interfaces (PCIe, DDR, SATA, MIPI, Ethernet, USB, HDMI, DVI, etc.)<br /> - System level modeling (MATLAB, System-C, etc.)<br /> - Analog/Mixed-Signal/RF modeling (VerilogA, VerilogAMS, SystemVerilog real; ADS)<br /> - Analog Mixed-Signal / RF custom layout<br /> - Digital IP design<br /> - DFT, DFx methodology and implementation techniques<br /> - Strong understanding of the CAD flows & tools from spec to GDS, for Digital, AMS/RF design<br />  <br /> <strong>Other valuable experience:</strong><br /> - System design / HW/SW co-simulation<br /> - FinFET technology<br /> - DSP techniques<br /> - Adaptation algorithms<br />  <br /> • A broad understanding of the various phases of an IP/SoC/FPGA/platform development is critical<br /> • Experience with customer interaction and ability to turn customer’s requirements into viable and profitable opportunities<br /> • Excellent verbal/written communication skills is required. Strong presentation skills and ability to rapidly respond to technical questions from clients, investors, management and technical associates<br /> • Excellent organization skills. Efficient responsiveness and ability to manage multiple engineering teams and customers in parallel<br /> • Ability to efficiently leverage the organization to achieve best and fastest results with minimum energy<br /> • Self-starter; sets example as a high-performing team member; has a positive demeanor and uses knowledge and organizational skills to achieve desired objectives; shows technical leadership in front of customers; supports other team members; takes accountability for individual and team objectives<br /> • Ability to maintain a high-quality work level even under stress and/or time constraints<br /> • Reasonable understanding of contractual and legal terms, and their business/liability implications is a strong plus<br />  <br /> <strong>Education:</strong><br /> • Master of Science in Electrical Engineering is preferred Encore Semi, Inc. San Diego CA

Director, Compliance Engineering