ServiceNow SecOps Developer

Job Role: ServiceNow SecOps Developer

Location: Salt Lake City, UT /Remote

Job Description:

we need someone with hands on experience with developing in Vulnerability Response (and if possible, SIR). Someone that knows best practices, has developed integrations, and has built the platform to optimize capabilities above and beyond the out of the box configurations. Someone that can inform the business if a development request is inadvisable and to provide a better solution. SecOps Developer (mainly Vulnerability Response) but would be great if the individual had experience with SIR also.

Key Responsibilities:

1. Develop, configure, and customize the ServiceNow Vulnerability Response module to support business and security needs, above and beyond oob configurations.
2. Integrate VR with vulnerability data sources (e.g., Tenable, Qualys, Veracode) using MID Servers, APIs, and data connectors.
3. Create custom connections to data sources (e.g. Arnica and SonarQube)
4. Implement automated workflows for vulnerability detection, analysis, assignment, and remediation tracking.
5. Design dashboards and reports for vulnerability metrics, SLA tracking, and executive visibility.
6. Collaborate with Security Operations, ITSM, CMDB, and Governance teams to ensure end-to-end vulnerability lifecycle integration.
7. Create and maintain technical documentation, including design specs, workflows, and user guides.
8. Troubleshoot issues and optimize performance of VR-related applications.
9. Ensure compliance with best practices, data privacy, and security standards.

• Design and implement SecOps solutions within the ServiceNow platform.
• Define and document SecOps best practices, frameworks, and methodologies aligned with industry standards such as ISO 27001, NIST, GDPR, and CIS Controls.
• Ensure proper integration of IRM & SecOps with CMDB, ITSM, ITOM, and other enterprise applications.
• Provide expertise in data modeling, table structures, relationships, and ACL configurations within ServiceNow
• Deploy and configure Vulnerability Response (VR), Security Incident Response (SIR), and Threat Intelligence (TI).
• Integrate SecOps with third-party threat intelligence platforms such as STIX/TAXII, MITRE ATT&CK, and UpGuard.
• Automate security incident response playbooks using Security Orchestration, Automation, and Response (SOAR).
• Enable vulnerability scanning and patch automation by integrating with VM tools. Develop SecOps dashboards and reports for tracking security posture, incident trends, and compliance gaps.