Security Incident Handling & Vulnerability Management ServiceNow

• Assess the existing ServiceNow SecOps implementation and its integration within the broader ITSM environment.
• Configure and optimize the ServiceNow Security Incident Response (SIR) and Vulnerability Response (VR) modules to enable automated triage prioritization and remediation workflows.
• Develop and formalize security incident handling and vulnerability response processes in alignment with recognized industry standards (e.g. NIST 800-61 ISO/IEC 27035 CIS Controls).
• Integrate external data sources such as vulnerability scanners (e.g. Qualys Tenable) threat intelligence platforms and SIEM systems (e.g. Splunk).
• Design and implement performance metrics dashboards and reports to monitor Service Level Objectives (SLOs) Mean Time to Respond (MTTR) and remediation compliance.
• Provide documentation governance recommendations and knowledge transfer to ensure sustainable operational capability.

Qualifications :

• Bachelors degree plus 9 years of relevant experience.
• Working knowledge of English (B2 or higher)
• Minimum of 5 years of proven hands-on experience with ServiceNow Security Operations modules specifically SIR and VR.
• Minimum of 5 years of experience in implementing automated remediation workflows through IntegrationHub Flow Designer or custom scripting
• Excellent knowledge of ServiceNow Security Operations modules specifically SIR and VR.
• Excellent knowledge on ServiceNow platform build skills (Workflow Studio/Flow Designer data modelling integrations):

1. Proficiency with Flow Designer and subflows in Workflow Studio for automating triage enrichment tasking and handoffs across SecOps and ITSM.
2. Modelling data and relationships used by SIR and VR (incidents indicators affected CIs vulnerable items groups exception records) to support automation reporting and Performance Analytics.

• Integration design using out of the box connectors and custom actions for email ticketing collaboration and security tools including scanner and threat intel feeds.
• Understanding of ServiceNow CMDB and its role in correlation of vulnerabilities and security incidents.
• Mandatory Certification: ServiceNow System Administrator and/or ServiceNow Security Operations Certified Implementation Specialist

Desirable:

• Minimum of 5 years of experience with coordinating with Security Operations Centers (SOC) IT service management and compliance teams to ensure procedural consistency.
• Advanced skills in platform configuration customization update set management and data model design.
• Familiarity with DevOps practices change control and scoped application governance within ServiceNow.
• Demonstrated ability to design and document incident response and vulnerability management processes aligned with enterprise policies and international frameworks.
• Expertise in developing operational playbooks that integrate with ServiceNow workflows.
• Knowledge of risk classification models impact assessment and incident escalation protocols.

Remote Work :

Yes

Employment Type :

Full-time