Job Description
Alcor Solutions is seeking a Senior ServiceNow IRM/GRC Consultant who brings strong business consulting acumen and deep expertise in ServiceNow’s Integrated Risk Management (IRM) suite. This role is pivotal in bridging business requirements with technical implementation—gathering and translating needs, defining processes, and driving adoption. The consultant will maximize the value of IRM capabilities for risk and compliance management on the ServiceNow platform through effective documentation, stakeholder engagement, and user training.
Key Responsibilities:
- Work with client stakeholders to translate risk and compliance business needs/demands into user stories with clear acceptance criteria
- Collaborate with client stakeholders, scrum masters and developers to refine the backlog, prioritize user stories, and allocate to sprints.
- Collaborate with developers to validate solutions are fit for purpose based on user stories.
- Lead testing activities including UAT planning, UAT training, test case development, and defect resolution.
- Ensure the required artifacts for migration of validated functionality from QA environment to production is gathered and reviewed as part of the change management process
- Drive adoption and value of implemented solutions by supporting stakeholders with maintaining data, executing processes, and reporting for the annual risk identification & assessment cycle through training, documentation, and enablement sessions.
- Support continuous improvement activities by identifying potential enhancements based on usage and feedback of existing solutions.
Required Skills & Competencies:
Core ServiceNow IRM Domain Expertise (Mandatory)
The candidate must possess strong knowledge of ServiceNow IRM functionality, processes, data models, and reporting across the following areas:
- Entity Framework
- Entity Classes, Entity Types and Entity Hierarchy
- Compliance Management
- Control Objectives and Controls
- Advanced Risk Management
- Risk Statements & Risk Statement Hierarchy, Advanced Risk Assessments, Quantitative & Qualitative Risk Assessments, Assessment Types, Methodologies, and Factors and Risk Response Tasks
- Risk Aggregation & Access Control
- Aggregation by Entities, Aggregation by Risk Statements, Aggregation of Entities by Risk Statements and Entity-based access and other IRM data restriction mechanisms
Consulting & Functional Competencies:
- Proven ability to lead complex risk and compliance engagements involving multiple stakeholders
- Strong communication and stakeholder management skills, particularly with risk and compliance teams
- Hands-on experience in conducting workshops, requirements gathering and definition, UAT planning and execution, and end-user training
- Ability to clearly articulate and simplify complex IRM concepts for business stakeholders
- Self-driven, with the ability to work independently in a fast-paced and dynamic environment
Qualifications & Experience
- 4–6 years of consulting experience, with at least 2+ years in ServiceNow IRM
- Experience in Agile/Scrum methodologies using JIRA, ServiceNow Agile, or similar tools.
- ServiceNow Certified Implementation Specialist (CIS–Risk and Compliance) strongly preferred.
- Experience delivering GRC/IRM projects, with strong preference for recent experience identified as critical IRM domain skills
- Additional ServiceNow certifications are welcome.
Impact & Growth:
The Sr. Business Analyst will be instrumental in
- enabling adoption of existing ServiceNow IRM solutions to plan, execute and report on the results of the annual risk assessment activities/processes.
- Implementing additional enhancements/continuous improvements opportunities based on evolving needs of the client and new IRM features.