ServiceNow SecOps Architect

Job Title: ServiceNow SecOps Architect

Location: Stamford CT

ROLEDESCRIPTION -

1. 12 years of hands-on development experience in ServiceNow platform.
2. 5 years of experience specifically in Security Incident Response (SIR) and Vulnerability Response (VR) implementation.
3. Design configure and customize ServiceNow SIR & VR module
4. Design and develop workflows business rules client scripts and integrations supporting the SIR & VR lifecycle.
5. Integrate VR with external vulnerability scanners and CMDB (Configuration Management Database) to automate import and correlation of vulnerability data.
6. Configure MID Servers data sources and API connections for vulnerability data ingestion.
7. Develop automation for vulnerability assignment remediation tracking and exception management.
8. Create custom dashboards reports and Performance Analytics indicators for vulnerability KPIs and trends.
9. Strong understanding of SOC operations & Incident response frameworks (NIST SANS)
10. Experience working with SIEM SOAR EDR and vulnerability tools.
11. Strong understanding of ServiceNow CMDB Discovery and ITSM processes.
12. Experience integrating with vulnerability scanners (Qualys Tenable Rapid7 Prisma Cloud etc.).
13. Knowledge of JavaScript Glide API Flow Designer and REST/SOAP integrations.
14. Work with business stakeholders technical stakeholders onsite and offshore team to own the delivery of work.


Roles & Responsibilities
1. Lead end-to-end architecture for ServiceNow SecOps SIR & VR including data model scopes and modular design aligned to platform guardrails and performance best practices.
2. Define SecOps governance standards and design patterns
3. Define prioritization models and Risk Score formulas to drive actionable SLAs and dashboards.
4. Design and develop robust CMDB relationships to tie vulnerabilities to assets services and business applications (CIs) enabling service-aware remediation and reporting.
5. Enable bidirectional integration between SIR and ITSM.
6. Integrate enterprise vulnerability scanners (e.g. Tenable Qualys Rapid7) and threat intel feeds; tune parsing de-duplication and matching logic.
7. Optimize Vulnerability Item (VI) normalization de-duplication suppression false positive handling and asset-vuln correlation at scale.
8. Implement exception workflows (risk acceptance compensating controls deferrals) with risk justification and approvals.
9. Build executive and operational dashboards (exposure by service asset tier business unit critical vulnerabilities SLA breach MTTR).
10. Establish multi-environment strategies (DEV/TEST/PROD) ATF coverage upgrade readiness and platform governance.

Generic Managerial Skills If any
1. Strong analytical and troubleshooting skills.
2. Excellent communication and documentation skills.
3. Ability to work collaboratively across security IT and risk teams.
4. Self-driven and adaptable to fast-paced environments.
Key Words to search in Resume
ServiceNow SecOps Security Incident Response (SIR) and Vulnerability Response (VR)
Pre-Screening Questionnaire
1. Do you have hands-on experience designing configuring /customizing the ServiceNow SIR & VR modules Response should be yes.
2. Do you have hands-on experience with scripting in ServiceNow Response should be yes