Business Analyst – Enterprise Risk Management (ServiceNow IRM/GRC)

Business Analyst Enterprise Risk Management (ServiceNow IRM/GRC)

Location: Remote (U.S.) with occasional travel to Albany, NY

Employment Type: Full-time, project-based (initial 9-month implementation; potential long-term extension)

About the Role

Persistent Technology Inc. (PTI) is seeking a skilled Business Analyst to support the implementation of a ServiceNow Integrated Risk Management (IRM) and Governance, Risk, and Compliance (GRC) solution for the New York State Office of the State Comptroller (OSC). This project will deliver a cloud-based Enterprise Risk Management (ERM) platform aligned with the COSO Internal Control Framework, enabling standardized risk assessment, reporting, and oversight across OSC divisions.

The Business Analyst will play a key role in bridging business needs with technical execution, collaborating closely with PTI, Verterim, and OSC stakeholders to gather, document, and validate requirements while supporting testing and user adoption.

What You'll Do

• Lead requirements elicitation through interviews, workshops, and document analysis.
• Translate business objectives into detailed functional and technical requirements for ServiceNow IRM/GRC modules.
• Map OSC's current-state processes to ServiceNow capabilities, identifying gaps and opportunities for improvement.
• Collaborate with the Project Manager, Solution Architect, and Developer to ensure accurate configuration and workflow design.
• Develop and maintain requirements traceability, functional design documents, and UAT test cases.
• Support end-user testing, validation, and post-deployment enhancement requests.
• Prepare business process documentation and contribute to training and knowledge-transfer materials.

Minimum Qualifications

• 3+ years of experience as a Business Analyst on IT or SaaS implementation projects.
• Demonstrated experience with ServiceNow IRM, GRC, or workflow automation platforms.
• Strong analytical and documentation skills, including process modeling and requirements traceability.
• Excellent communication, facilitation, and stakeholder management skills.
• Understanding of risk management, internal controls, or COSO-based frameworks preferred.

Preferred Qualifications

• Experience with public-sector or state government IT modernization projects.
• Familiarity with FedRAMP, SOC 2, or ISO 27001 security frameworks.
• ServiceNow certifications (e.g., CISRisk and Compliance, CSA, CAD) desirable.
• Bachelor's degree in Business, Information Systems, or related field.