Support execution of ITSM RCSA cycles, including risk identification, inherent risk assessment, control mapping, and residual risk evaluation.
Partner with ITSM process owners (Incident, Problem, Knowledge, Change, Asset, Configuration, Request, etc.) to identify key operational and technology risks.
Document risks in enterprise risk tools (e.g., Archer, GRC platforms).
Maintain risk statements, causes, impacts, and control relationships in accordance with enterprise risk taxonomy.
Document and maintain key controls aligned to ITSM processes and regulatory / policy expectations.
Perform control design and operational effectiveness assessments, including control evidence review, gap identification and remediation tracking.
Support issue management for control deficiencies, audit findings, and risk events.
Coordinate with Internal Audit and Second Line Risk during reviews and validations.
Develop, maintain, and report ITSM risk metrics, including Key Risk Indicators (KRIs) and Key Performance Indicators (KPIs).
Ensure metrics are Enterprise‑sourced, well-defined with thresholds and escalation criteria, aligned to ITSM control objectives.
Analyze trends, breaches, and emerging risks; provide clear executive‑level summaries and visualizations.
Prepare RCSA summaries, control status reports, and metric dashboards for management and risk committees.
Support regulatory, audit, and compliance responses related to ITSM risk and controls.
Ensure ongoing alignment with enterprise risk frameworks, policies, and standards.
Identify opportunities to enhance ITSM risk coverage, control maturity, and metric quality.
Drive consistency and standardization across ITSM processes for risk and control documentation.
Promote a risk‑aware culture within ITSM teams.

Requirements

Change Management
Corporate Governance
Data Analytics
IT Service Management (ITSM)
Key Performance Indicators (KPI)
Process Efficiencies
Process Improvements
Risk Assessments
RSA Archer
ServiceNow Platform
3+ years of relevant / direct industry experience
Bachelor’s degree or comparable combination of education, job specific certification(s), and experience (including military service) may be considered

Benefits

medical/prescription drug coverage (with a Health Savings Account feature)
dental and vision options
employee and spouse/child life insurance
short and long-term disability protection
401(k) with PNC match
pension and stock purchase plans
dependent care reimbursement account
back-up child/elder care
adoption, surrogacy, and doula reimbursement
educational assistance, including select programs fully paid
a robust wellness program with financial incentives
maternity and/or parental leave
up to 11 paid holidays each year
9 occasional absence days each year, unless otherwise required by law
between 15 to 25 vacation days each year, depending on career level; and years of service

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

risk identificationinherent risk assessmentcontrol mappingresidual risk evaluationcontrol designoperational effectiveness assessmentsgap identificationremediation trackingdata analyticsprocess improvements

Soft Skills

partneringdocumentationanalysiscommunicationreportingcoordinationpromoting risk-aware cultureexecutive-level summarizationstandardizationenhancing risk coverage

Certifications

Bachelor's degreejob specific certification