ServiceNow SecOps Business Process Technical Consultant

BCMC is supporting a U.S. Government customer on a mission-critical cyber operations program. We are seeking a ServiceNow SecOps Business Process / Technical Consultant to design develop and implement ServiceNow Security Operations (SecOps) solutions that enhance the customers ability to detect respond and remediate security threats.

This hybrid role combines ServiceNow SecOps development integration engineering and process consulting. The ideal candidate will work directly with security stakeholders translate mission requirements into technical designs and deliver scalable secure and automated SecOps capabilities within the ServiceNow platform.

Responsibilities Include:
Designing prototyping and implementing ServiceNow SecOps applications including:
o Security Incident Response (SIR): enrichment correlation rules and automated playbooks.
o Vulnerability Response (VR): scanner integrations remediation workflows patch group automation.
o Configuration Compliance (CC): policy exception handling remediation tasks compliance dashboards.
o Threat Intelligence (TI): ingestion of IOCs sightings search enrichment workflows.
Supporting the customers roadmap for Splunk integrations to enable alert ingestion bi-directional incident synchronization and SIEM dashboards.
Developing custom integrations with SIEM scanner and intel tools (e.g. Splunk Tenable VirusTotal Hybrid Analysis) using IntegrationHub REST/SOAP APIs and MID Server.
Building and maintaining orchestration playbooks Flow Designer workflows Business Rules and Script Includes to automate enrichment and response actions.
Documenting and maintaining policies procedures and technical designs aligned with Agile development practices and secure coding standards.
Leading workshops with SOC IR and VR teams to capture mission needs define business requirements and translate them into technical solutions.
Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture.
Supporting incident resolution troubleshooting and sustainment of the ServiceNow SecOps environment.
Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment.

Required Skills:
U.S. Citizenship required.
Must be able to obtain DHS program suitability and a TS/SCI clearance.
8 years of software development IT security or IT systems engineering experience.
Minimum 4 years of ServiceNow experience with at least 2 years focused on SecOps applications (SIR VR CC or TI).
Strong knowledge of ServiceNow administration advanced configuration and custom application development.
Experience integrating ServiceNow with SIEM vulnerability scanners and threat intelligence platforms.
Hands-on experience with Flow Designer Orchestration IntegrationHub and MID Server.
Strong technical skills in web technologies (JavaScript HTML XML Angular CSS) and integration technologies (REST SOAP LDAP SSO).
Familiarity with federal cybersecurity frameworks (NIST 800-53 FedRAMP CISA KEV MITRE ATT&CK).
Strong communication presentation and documentation skills for technical and business stakeholders.

Desired Skills:
Experience supporting DHS DoD or Intelligence Community customers.
Experience deploying future-state SecOps processes including incident triage vulnerability management compliance automation and threat intel workflows.
Familiarity with Splunk use cases for security operations and event correlation.
Experience with collaboration tools (MS Teams Outlook SharePoint Atlassian Jira/Confluence).
Strong problem-solving analytical and consulting skills in complex security environments.
Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired.

Desired Certifications:
ServiceNow Certified System Administrator (CSA).
ServiceNow Certified Application Developer.
ServiceNow Certified Implementation Specialist SecOps (SIR VR or CC).
ITIL v4 Foundation certification (or willingness to complete within one year).
DoD 8570.1-M Compliance at IAT Level I (e.g. Certified Information Systems Security Professional (CISSP)) certification highly desired

Required Education:
Bachelors degree in Cybersecurity Computer Science Software Engineering Systems Engineering or a related discipline and at least 8 years of directly relevant work experience.
In lieu of a degree: an additional 10 years of directly relevant work experience (for a total of 18 years) may be substituted.

Our Company Overview
Business Computers Management Consulting Group LLC (BCMC) is a small business specializing in Information Technology (IT) Cybersecurity Information Assurance (IA) SOA Big Data Management Program Management and more for Federal State and Local agencies. We possess highly skilled engineers providing innovative solutions backed by strong past performances. We are ISO 9001:2015 ISO 27001::2018 and CMMI L3 certified and registered promising highest quality and services to all of our clients.

Benefits
Extremely competitive salary
95% employer paid for employee medical dental & vision coverages
100% employer paid for employee life STD & LTD disability coverages
401k with company match and profit sharing
Flexible Spending Account (FSA) for dependent & health care
11standard holidays & 3 weeks of annual leave

DOM-TO9-3491
Systems Engineer - Principal I - ESE05