ServiceNow Developer​/Business Process Consultant, Security Operations; SecOps

Service Now Developer/Business Process Consultant, Security Operations (Sec Ops)

Join to apply for the Service Now Developer/Business Process Consultant, Security Operations (Sec Ops) role at Triangle Cyber, LLC

Triangle Cyber is seeking a highly skilled, motivated Service Now Business Process Consultant/Developer with Sec Ops development experience to join our team on a federal contract engagement. This role combines Service Now Sec Ops development, integration engineering, and process consulting. The ideal candidate will work directly with security stakeholders, translate mission requirements into technical designs, and deliver scalable, secure, and automated Sec Ops capabilities within the Service Now platform.

• Designing, prototyping, and implementing Service Now Sec Ops applications, including:
  • Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks.
  • Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation.
  • Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards.
  • Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows.
• Supporting the customer’s roadmap for Splunk integrations to enable alert ingestion, bi‑directional incident synchronization, and SIEM dashboards.
• Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, Virus Total, Hybrid Analysis) using Integration Hub, REST/SOAP APIs, and MID Server.
• Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions.
• Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards.
• Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions.
• Creating and maintaining Performance Analytics dashboards and KPIs to provide real‑time visibility into security posture.
• Supporting incident resolution, troubleshooting, and sustainment of the Service Now Sec Ops environment.
• Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment.
• Able to communicate project progress, technical challenges, and solutions to both technical and non‑technical stakeholders.

• Must be a U.S. citizen with an active Secret or Top Secret clearance.
• A minimum of eight (8) years of software development experience, including four (4) years of Service Now experience.
• A minimum of two (2) years of Service Now Sec Ops experience designing, prototyping, and implementing Service Now Sec Ops applications.
• A Bachelor's degree or higher in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, or a related technical discipline from an accredited college or university. If the degree is not in a relevant technical field, a four (4) additional years of related experience for a total of twelve (12) years of experience is required.
• An active Service Now certification:
  • Service Now Certified System Administrator (CSA).
  • Service Now Certified Application Developer (CAD).
  • Service Now Certified Implementation Specialist (CIS), Sec Ops (SIR, VR, or CC).
• Strong knowledge of Service Now administration, advanced configuration, and custom application development.
• Experience integrating Service Now with SIEM, vulnerability scanners, and threat intelligence platforms.
• Hands‑on experience with Flow Designer, Orchestration, Integration Hub, and MID Server.
• Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO).
• Familiarity with federal cybersecurity frameworks (NIST 800‑53, FedRAMP, CISA KEV, MITRE ATT&CK).
• Strong communication, presentation, and documentation skills for engagements with technical and business stakeholders.

• Experience supporting DHS, DoD, or Intelligence Community customers.
• Experience deploying future‑state Sec Ops processes, including incident triage, vulnerability management,…