Job Description Summary: ServiceNow SecOps Lead
This role is for a technical lead responsible for the implementation and integration of ServiceNow Security Operations (SecOps) projects. The focus is on configuring and customizing Security Incident Response (SIR), Vulnerability Response (VR), and Threat Intelligence modules, and integrating them with security tools like vulnerability scanners, SIEMs, and threat intelligence feeds.
Key Responsibilities Include:
Acting as the technical lead for ServiceNow SecOps implementation and integration projects.
Configuring and customizing ServiceNow modules: SIR, VR, and Threat Intelligence.
Integrating various security tools (vulnerability scanners, SIEMs, threat intelligence) with ServiceNow to streamline data flow and incident response.
Developing automated workflows, playbooks, and dashboards for vulnerability remediation.
Collaborating with vulnerability management, pen testing, and AppSec teams to correlate findings and manage risk.
Ensuring alignment with regulatory frameworks (NIST 2.0, ISO 27001, FFIEC, SOX, GLBA, PCI DSS).
Providing technical documentation, guidance, and knowledge transfer.
Participating in post-incident reviews and continuous improvement initiatives for vulnerability management.
Required Qualifications:
5+ years of experience in Security Operations, Vulnerability Management, or SOC environments.
Proven expertise in ServiceNow SecOps (SIR, VR, TI, or Configuration Compliance).
Strong scripting and automation experience (JavaScript, Python, or PowerShell).
Familiarity with ServiceNow integration using REST APIs or MID servers.
Experience in financial services or retail banking environments in the U.S.
Solid understanding of vulnerability lifecycle management, incident response, and risk scoring.
Preferred Qualifications:
ServiceNow Certified Implementation Specialist - Security Operations (CIS-SecOps).
Experience with vulnerability tools (Tenable, Qualys, Rapid7, etc.) and SIEM (Splunk, QRadar, etc.).
Knowledge of GRC integration with ServiceNow.
Exposure to cloud security (AWS, Azure, Google Cloud Platform) and DevSecOps pipelines.