Roles and Responsibilities:

The resource that supports routine operations of ServiceNow Security Operation – Vulnerability Response (ServiceNow SecOps VR) is expected to provide services in many areas including routine upgrade/maintenance, subject matter advisory, development support, life-cycle management, and more. More specifically, the resource’s responsibilities include, but are not limited to, the following:

Work with ServiceNow Team to upgrade ServiceNow applications that are related to ServiceNow SecOps VR, including major releases, minor releases, and patch releases.

Provide semi-annual presentations on new ServiceNow releases, highlights new features and applications that are related to ServiceNow SecOps VR. If Threat and Vulnerability Management (TVM) Team is interested in any new feature/application, the resource arranges an in-depth discussion on its applicability/feasibility in the environment. Upon confirmation of the applicability/feasibility, plan, prioritize, and then implement the new feature/application in ServiceNow SecOps VR and/or other ServiceNow modules.

Fully understand the existing implementation of ServiceNow SecOps VR in the environment, including customized scripts/designs/workflows, etc.

Work closely with TVM Team to understand the operation needs. When there is any change in Vulnerability Management process/procedure, quickly identify the relevant native/customized components that need to be updated accordingly and complete the implementation so that it is consistent with the new Vulnerability Management process/procedure.

Support the development of customized scripts inside ServiceNow to address specific needs, e.g., implementing a new change in risk calculation.

Support customized configurations changes (e.g., table changes) to address specific needs.

Support the development of customized dashboards for different teams/users to enhance the monitoring on vulnerability remediation, performance, and compliance.

Support the development of customized workflows for new use cases.

Support the integration between workflows in ServiceNow SecOps VR and workflows in other ServiceNow modules.

Support the customized integration between API-based security tools (e.g., Rapid7 InsightAppSec and Prisma Cloud) and ServiceNow to import security data into ServiceNow.

Troubleshoot issues/problems that rise during usages of ServiceNow SecOps VR, identify, and implement the resolution.

Provide training on usages of ServiceNow SecOps VR.

Selection Criteria & Competencies

5+ years’ experience in ServiceNow that includes 2+ years in SecOps VR.

Previous experience in implementing ServiceNow SecOps VR for at least one customer with 50K+ systems.

Advanced knowledge on the internals of the ServiceNow platform.

Proficient skills in developing customized scripts inside ServiceNow.

Proficient skills in using APIs of security tools (e.g., Rapid7 InsightAppSec and Prisma Cloud) for data retrieval and setting up integration with ServiceNow.

3+ years of hands-on experience developing and maintaining multiple ServiceNow instances

Knowledge and previous experience in implementing ServiceNow ITSM and ITOM is desirable.

Knowledge of basic information security concepts is desirable.