ServiceNow Security Operations Specialist
We are looking for a colleague with 5+ years of hands‐on experience in Security Incident Response (SIR) and Vulnerability Response (VR) modules to join our team remotely.
Requirements
5+ years of proven hands‐on experience with ServiceNow Security Operations modules, specifically SIR and VR
5+ years of experience implementing automated remediation workflows through IntegrationHub, Flow Designer, or custom scripting
ServiceNow System Administrator certification and/or ServiceNow Security Operations Certified Implementation Specialist certification (mandatory)
Excellent knowledge of ServiceNow Security Operations modules, specifically SIR and VR
Excellent knowledge of ServiceNow platform build skills including Workflow Studio/Flow Designer, data modelling, and integrations
Proficiency with Flow Designer and subflows in Workflow Studio for automating triage, enrichment, tasking, and handoffs across SecOps and ITSM
Experience modelling data and relationships used by SIR and VR (incidents, indicators, affected CIs, vulnerable items, groups, exception records)
Integration design experience using out‐of‐the‐box connectors and custom actions for email, ticketing, collaboration, and security tools
Understanding of ServiceNow CMDB and its role in correlation of vulnerabilities and security incidents
Experience integrating external data sources such as vulnerability scanners (Qualys, Tenable), threat intelligence platforms, and SIEM systems (Splunk)
Ability to design performance metrics, dashboards, and reports to monitor Service Level Objectives (SLOs), Mean Time to Respond (MTTR), and remediation compliance
Knowledge of recognized industry standards such as NIST 800‐61, ISO/IEC 27035, and CIS Controls
Strong documentation and knowledge transfer capabilities
Education level corresponding to Bachelor's degree or equivalent
Job Description
Assess the existing ServiceNow SecOps implementation and its integration within the broader ITSM environment
Configure and optimise the ServiceNow Security Incident Response (SIR) and Vulnerability Response (VR) modules to enable automated triage, prioritisation, and remediation workflows
Develop and formalise security incident handling and vulnerability response processes in alignment with recognized industry standards (NIST 800‐61, ISO/IEC 27035, CIS Controls)
Integrate external data sources such as vulnerability scanners (Qualys, Tenable), threat intelligence platforms, and SIEM systems (Splunk)
Design and implement performance metrics, dashboards, and reports to monitor Service Level Objectives (SLOs), Mean Time to Respond (MTTR), and remediation compliance
Provide documentation, governance recommendations, and knowledge transfer to ensure sustainable operational capability
Build automated workflows using Flow Designer and Workflow Studio for triage, enrichment, tasking, and handoffs across SecOps and ITSM
Model data and relationships used by SIR and VR to support automation, reporting, and Performance Analytics
Design integrations using out‐of‐the‐box connectors and custom actions for security tools including scanner and threat intelligence feeds
Leverage ServiceNow CMDB for correlation of vulnerabilities and security incidents
Coordinate with Security Operations Centers (SOC), IT service management, and compliance teams to ensure procedural consistency
Develop operational playbooks that integrate with ServiceNow workflows
Implement risk classification models, impact assessment, and incident escalation protocols
Manage platform configuration, customisation, update set management, and data model design
Seniority Level
Not Applicable
Employment Type
Contract
Job Function
Information Technology
Industry
IT Services and IT Consulting
Referrals increase your chances of interviewing at Nova Hunte by 2x
Location: Frankfurt am Main, Hesse, Germany (5 days ago)
#J-18808-Ljbffr