ServiceNow SecOps

Job Title:

ServiceNow SecOps Implementation Specialist (VR & SIR)

Location:

Onsite / Remote / Hybrid

Experience Required:

5+ years in ServiceNow platform with at least 3 years focused on SecOps – Vulnerability Response (VR) and Security Incident Response (SIR)

Certifications Required:

• ServiceNow Certified System Administrator (CSA)
• ServiceNow Certified Implementation Specialist – Security Incident Response
• ServiceNow Certified Implementation Specialist – Vulnerability Response
• ITIL v4 Foundation(Optional)

Job Summary:

ServiceNow SecOps Implementation Specialist

Key Responsibilities:

1. Implementation & Configuration

• Lead end-to-end implementation of ServiceNow Security Operations modules – VR and SIR
• Configure and customize workflows, playbooks, data imports, dashboards, and business rules for VR/SIR
• Implement threat intelligence integrations (e.g., Anomali, Recorded Future) and vulnerability scanner integrations (e.g., Qualys, Tenable)
• Build use-case-specific automation using Flow Designer or Security Orchestration (SOAR)

2. Requirements Gathering & Design

• Collaborate with cybersecurity teams, risk & compliance, and IT operations to gather detailed requirements
• Translate business requirements into technical specifications and implementation plans

3. Integration & Automation

• Integrate ServiceNow SecOps with external tools such as SIEMs, CMDB, scanners, threat intel platforms, and ticketing systems
• Develop orchestration and remediation workflows for auto-assignment, enrichment, escalation, and resolution

4. Testing & Deployment

• Perform UAT, defect resolution, and cutover activities
• Ensure system performance, scalability, and security compliance during deployment

5. Documentation & Training

• Create solution design documents, implementation runbooks, and end-user training materials
• Conduct knowledge transfer and handover sessions for clients and internal teams

Skills & Qualifications:

• Strong knowledge of ServiceNow SecOps architecture, data models, and module interdependencies
• Proven experience with at least 2 full lifecycle implementations of VR and SIR
• Experience integrating ServiceNow with security tools (Tenable, Qualys, Rapid7, Splunk, Azure Sentinel, etc.)
• Hands-on scripting experience (JavaScript, Glide API)
• Familiarity with MITRE ATT&CK, NIST, and SOC operations
• Strong troubleshooting, debugging, and performance tuning skills
• Excellent client communication and stakeholder management skills

Nice to Have:

• Experience with Security Orchestration, Automation and Response (SOAR) in ServiceNow
• Experience with GRC/IRM module as an added advantage
• Experience in multi-org/global deployments and domain separation in ServiceNow
• Understanding of vulnerability lifecycle management and incident triage frameworks