Director, Product Management- Integrated Risk Management (IRM)

Company Description
It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone.
Job Description
About the Team
As part of the Digital Technology organization, this group operates as the enterprise's second line of defense-designing scalable governance, risk, and compliance capabilities that protect the business while enabling speed and innovation.
The environment is rich with complex problem spaces: fragmented risk processes, legacy tools, evolving regulatory requirements, and the growing need for automation, intelligence, and end-to-end visibility. This team approaches these challenges like product builders-redefining how risk is modeled, measured, and operationalized across the company.
If you're motivated by modernizing internal ecosystems and designing next-generation capabilities for Technology Risk Management, this team is the place to make real, lasting impact.
About the role:
As the Director of Product Management for Integrated Risk Management (IRM), this role drives the strategy, roadmap, and delivery of ServiceNow's core IRM products-solutions that help global enterprises manage risk at scale, strengthen compliance, and operate with greater resilience. The products built in this portfolio directly influence how customers safeguard their business, respond to regulatory pressure, and execute with confidence on the Now Platform.
Success in this role depends on a deep understanding of complex business problems across Risk, Audit, Compliance, Cybersecurity, Vendor Risk, Privacy, Operational Resilience, and emerging regulatory trends. Those insights translate into scalable, automated, and data-driven capabilities that elevate ServiceNow's leadership in the risk and security ecosystem.
This role serves as a strategic partner to Engineering, SecOps, CMDB/APM, Internal Audit, Security Architecture, Legal & Compliance, and Executive Leadership, ensuring the IRM product suite is aligned with company priorities and delivers measurable customer and business value. The position plays a central role in shaping how ServiceNow modernizes the risk experience-simplifying workflows, improving decision-making, and driving platform adoption.
The IRM portfolio spans mission-critical modules, including:

• Risk Management (internal controls, issue management)
• Policy & Compliance Management
• Audit Management
• Vendor and Third-Party Risk Management
• Business Continuity & Operational Resilience
• Regulatory Change Management

This is a high-impact, high-visibility leadership role for someone who excels at influencing across the organization, steering complex product portfolios, and shaping the future of risk management for enterprises worldwide. The work done here directly supports ServiceNow's broader mission to make the world's workflows smarter, more secure, and more resilient.
The impact you'll make:
Product Roadmap & Strategy

• Understand and socialize a multi-year product strategy for IRM capabilities across the enterprise, and socialize the impact across the internal stakeholders.
• Lead an enterprise-wide "Customer Zero" vision - driving adoption of new IRM capabilities across global teams.
• Partner with executive leadership to shape strategic priorities and communicate progress, value, and business impact.

Roadmap Ownership & Execution

• Own the internal IRM product roadmap - including feature prioritization, planning, dependencies, and delivery.
• Translate complex risk, compliance, audit, and resilience requirements into clear functional requirements and user stories for engineering.
• Own and champion AI features, capabilities, and Agentic workflows to continuously transform and evolve the risk & compliance space.
• Partner with other Product leaders to maximize leverage of ServiceNow's AI platform through integrations, AI, and automation.
• Ensure scalability, data integrity, automation, user experience, and seamless integrations (e.g., with CMDB/APM, SecOps etc.).

Cross-Functional Leadership

• Act as the central point of engagement among IRM, SecOps, Security Engineering, Audit, Compliance, Vendor Management, Business Continuity, and IT/Platform teams.
• Drive alignment with stakeholders across business, technology, risk, and audit functions.
• Lead cross-functional forums to define requirements, dependencies, and release plans for IRM modules and data integrations.

Domain & Technical Expertise

• Leverage deep expertise in GRC frameworks (e.g., SOX ITGC, NIST, ISO, CMMC, privacy, vendor risk, operational resilience) to guide product decisioning.
• Shape how IRM modules (Risk Management, Policy & Compliance, Audit, Vendor Risk, BCM, Regulatory Change, etc.) interoperate and scale within ServiceNow's platform architecture.
• Evaluate data models, integrations, architecture choices, and quality of IRM implementations.

Change Management & Adoption

• Develop enablement plans - training, communication, release documentation, and adoption support across global teams.
• Define metrics and KPIs - for adoption, utilization, and value realization.

About Digital Technology
We're not yesterday's IT department-we're Digital Technology. The world around us keeps changing, and so do we. We're redefining what it means to be IT with a mindset centered on transformation, experience, AI-driven automation, innovation, and growth. We're all about delivering delightful, secure customer and employee experiences that accelerate ServiceNow's journey to becoming the defining enterprise software company of the 21st century. We love co-creating, using, and highlighting our own products to do it.
Ultimately, we strive to make the world work better for employees and customers-when you work in ServiceNow Digital Technology, you work for them.
Qualifications

• 12+ years of experience in Product Management, Integrated Risk Management, GRC, Compliance, Cybersecurity, or related domain.
• Proven track record as an inbound product manager owning roadmap, requirements, and execution - ideally in risk/compliance/IRM context.
• Strong knowledge of GRC frameworks (e.g., SOX, NIST CSF, ISO 27001, CMMC, COBIT, privacy, vendor risk, operational resilience).
• Experience designing or implementing large-scale enterprise solutions across Risk Management, Compliance, Audit, Vendor Risk, Business Continuity, or Regulatory Change.
• Ability to translate ambiguous, high-level business problems into structured, actionable product requirements and roadmaps.
• Strong understanding of enterprise workflow automation, data-driven decisioning, and risk/control frameworks.
• Excellent communication, leadership, and influencing skills - comfortable presenting to senior leadership (VP/SVP levels).
• Ability to work collaboratively across technical, compliance, audit, security, and business functions - influencing without direct authority.

Preferred

• Prior experience with ServiceNow IRM (or equivalent GRC/IRM platform) - especially across Risk Management, Audit, Vendor Risk, BCM / Resilience, and Regulatory Change modules.
• Experience integrating IRM with IT Asset Management, CMDB/APM, SecOps, vulnerability/asset data, third-party/vendor data, and audit workflows.
• Background in Customer Zero or internal governance transformation - driving own-organization IRM adoption and transformation.
• Experience in building or consuming continuous monitoring, control hygiene, or AI-enabled risk/issue automation workflows (e.g., automated control testing, continuous controls monitoring, risk scoring, AI/ML-driven issue remediation).

JV20
Additional Information
Work Personas
We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service.
Equal Opportunity Employer
ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements.
Accommodations
We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact [email protected] for assistance.
Export Control Regulations
For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities.
From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.