ServiceNow SecOps

We are seeking a highly skilled and experienced ServiceNow Security Operations (SecOps) Specialist to implement, configure, and manage security incident response and vulnerability management processes within the ServiceNow platform. The ideal candidate will have deep expertise in ServiceNow SecOps modules, a strong understanding of cybersecurity operations, and the ability to enhance our security posture by automating and streamlining security workflows.

Roles and Responsibilities:

• Implement, configure, and maintain ServiceNow Security Operations modules, including Security Incident Response (SIR) and Vulnerability Response (VR).
• Integrate ServiceNow SecOps with various security tools such as SIEMs (Splunk, QRadar), vulnerability scanners (Qualys, Tenable), threat intelligence platforms, and other security orchestration, automation, and response (SOAR) solutions.
• Design and develop security workflows, playbooks, and automation scripts within ServiceNow to streamline incident investigation, containment, and remediation.
• Configure security incident response processes within ServiceNow, including incident creation, assignment, investigation, resolution, and reporting.
• Manage vulnerability lifecycle within ServiceNow VR, from discovery and prioritization to remediation tracking and reporting.
• Develop custom dashboards, reports, and metrics within ServiceNow to provide visibility into security operations performance and risk posture.
• Collaborate with security analysts, IT operations, and development teams to define security requirements and ensure seamless integration of security processes.
• Perform regular health checks, performance tuning, and troubleshooting for the ServiceNow SecOps environment.
• Stay updated with the latest cybersecurity threats, vulnerabilities, and industry best practices, as well as new features within ServiceNow SecOps.
• Provide training and guidance to security teams on effective utilization of ServiceNow SecOps functionalities.
• Ensure compliance with security policies, regulatory requirements, and audit standards through the ServiceNow platform.

Required Skills and Qualifications:

• Proven experience in implementing, configuring, and supporting ServiceNow Security Operations (SecOps) modules (SIR, VR).
• Strong understanding of cybersecurity concepts, including incident response, vulnerability management, threat intelligence, and security automation.
• Experience with integrating ServiceNow with other security tools and platforms.
• Proficiency in ServiceNow platform development and administration (JavaScript, Glide API, Business Rules, Workflows, Flow Designer).
• Knowledge of security frameworks such as NIST, ISO 27001, MITRE ATT&CK.
• Familiarity with ITSM processes and ITIL framework.
• Excellent analytical, problem-solving, and debugging skills.
• Strong communication skills (written and verbal) and ability to collaborate effectively with cross-functional teams.
• ServiceNow Certified System Administrator (CSA) and ServiceNow Certified Implementation Specialist (CIS) - Security Incident Response or Vulnerability Response certifications are highly desirable.