Third Party Risk Management (TPRM) Technical Consultant

Veracity is a business and technology consultancy that specializes in optimizing companies’ business performance and navigating change. Our experienced team of strategic thinkers, solution experts, and problem solvers work flexibly and collaboratively with our clients to understand their business objectives to drive results. We are also guided by our core values and purpose, which includes being transparent, curious, and humble while ensuring our clients, employees, and communities all thrive.

Currently, we are searching for a ServiceNow Third-Party Risk Management (TPRM) Technical Consultant to join our team in a 100% remote capacity.

Job Responsibilities:

• Lead the design, configuration, and deployment of the ServiceNow TPRM application to support the full third-party risk lifecycle—from onboarding and due diligence to ongoing monitoring and reassessment.
  
• Customize risk tiering, inherent and residual risk scoring models, questionnaires, assessment workflows, and attestation processes to meet regulatory and business requirements.
  
• Integrate TPRM with internal systems (e.g., vendor master, procurement tools) and external sources (e.g., BitSight, RiskRecon, SecurityScorecard).
  
• Collaborate with business analysts and risk owners to gather and translate requirements into ServiceNow configurations and workflows.
  
• Implement automation using Flow Designer, Business Rules, Script Includes, and REST APIs to streamline third-party risk processes.
  
• Align implementation with Common Service Data Model (CSDM) and IRM best practices.
  
• Create reports, dashboards, and real-time risk indicators for visibility into third-party risk posture and compliance.
  
• Support testing, deployment, and post-implementation activities including training and documentation.
  
• Provide ongoing support, enhancement, and optimization of the TPRM module.
  
• Ensure solutions are scalable, secure, and aligned with ServiceNow platform governance.
  

Minimum Job Qualifications:

• 3+ years of hands-on experience implementing ServiceNow GRC/IRM solutions, with a focus on the TPRM module.
  
• ServiceNow Certified Implementation Specialist – Risk and Compliance or TPRM specialization.
  
• ServiceNow Certified System Administrator.
  
• Deep understanding of third-party risk management processes, regulatory compliance, and industry frameworks (e.g., NIST, ISO 27001, SOC 2, GDPR).
  
• Proficiency with ServiceNow platform components including Flow Designer, Script Includes, ACLs, UI Policies, and REST APIs.
  
• Experience integrating external vendor risk data providers with ServiceNow.
  
• Familiarity with ServiceNow CMDB and Vendor Management Workspace is a plus.
  
• Excellent communication and stakeholder engagement skills.
  
• Regular and predictable attendance
  

To be considered an applicant for a position, you must: (1) complete the application in full; (2) apply for a specific, available position; and (3) meet all stated minimum qualifications.  Applications that are incomplete or are submitted for "any" position will not be considered.   Applicants are good for 90 days.  If you are not selected within 90 days of submission, and remain interested in a position, you must submit a new application. 

Veracity Consulting provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to disability or status as a protected veteran and any other characteristics protected by law.

We are committed to providing reasonable accommodations to applicants with disabilities. If you need a reasonable accommodation for any part of the employment process, please contact Human Resources at hr@veracityit.com and let us know the nature of your request and your contact information. Requests will be considered on a case-by-case basis.

In addition to federal law requirements, Veracity Consulting complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities.

No 3^rd parties, please.