ServiceNow SecOps Business Process​/Technical Consultant

Service Now Sec Ops Business Process / Technical Consultant

Join to apply for the Service Now Sec Ops Business Process / Technical Consultant role  role supports a U.S. Government customer on a mission‑critical cyber operations program. You will design, develop and implement Service Now Security Operations (Sec Ops) solutions that enhance the customer’s ability to detect, respond and remediate security threats.

This hybrid role combines Service Now Sec Ops development, integration engineering and process consulting. The ideal candidate will work directly with security stakeholders, translate mission requirements into technical designs, and deliver scalable, secure and automated Sec Ops capabilities within the Service Now platform.

• Design, prototype and implement Service Now Sec Ops applications, including:
• Security Incident Response (SIR): enrichment, correlation rules and automated playbooks.
• Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation.
• Configuration Compliance (CC): policy exception handling, remediation tasks and compliance dashboards.
• Threat Intelligence (TI): ingestion of IOCs, sightings search and enrichment workflows.
• Support the customer’s roadmap for Splunk integrations to enable alert ingestion, bi‑directional incident synchronization and SIEM dashboards.
• Develop custom integrations with SIEM, scanner and intel tools (e.g., Splunk, Tenable, Virus Total, Hybrid Analysis) using Integration Hub, REST/SOAP APIs and MID Server.
• Build and maintain orchestration playbooks, Flow Designer workflows, Business Rules and Script Includes to automate enrichment and response actions.
• Document and maintain policies, procedures and technical designs aligned with Agile development practices and secure coding standards.
• Lead workshops with SOC, IR and VR teams to capture mission needs, define business requirements and translate them into technical solutions.
• Create and maintain Performance Analytics dashboards and KPIs to provide real‑time visibility into security posture.
• Support incident resolution, troubleshooting and sustainment of the Service Now Sec Ops environment.
• Provide mentorship and knowledge transfer to client staff on best practices and solution sustainment.

• U.S. citizenship required.
• Must be able to obtain DHS program suitability and a TS/SCI clearance.
• 8+ years of software development, IT security or IT systems engineering experience.
• Minimum 4+ years of Service Now experience, with at least 2+ years focused on Sec Ops applications (SIR, VR, CC or TI).
• Strong knowledge of Service Now administration, advanced configuration and custom application development.
• Experience integrating Service Now with SIEM, vulnerability scanners and threat intelligence platforms.
• Hands‑on experience with Flow Designer, Orchestration, Integration Hub and MID Server.
• Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO).
• Familiarity with federal cybersecurity frameworks (NIST 800‑53, FedRAMP, CISA KEV, MITRE ATT&CK).
• Strong communication, presentation and documentation skills for technical and business stakeholders.

• Experience supporting DHS, DoD or Intelligence Community customers.
• Experience deploying future‑state Sec Ops processes including incident triage, vulnerability management, compliance automation and threat intel workflows.
• Familiarity with Splunk use cases for security operations and event correlation.
• Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence).
• Strong problem‑solving, analytical and consulting skills in complex security environments.
• Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired.

• Service Now Certified System Administrator (CSA).
• Service Now Certified Application Developer.
• Service Now Certified Implementation Specialist – Sec Ops (SIR, VR or CC).
• ITIL v4 Foundation certification (or willingness to complete within one year).
• DoD 8570.1‑M Compliance at IAT Level I (e.g., Certified…