Business Process Tech Consultant (ServiceNow)
Nightwing · Sterling, VA · 8 mo ago
Information TechnologyFull-time
Responsibilities
- Designing, prototyping, and implementing ServiceNow SecOps applications, including:
- Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks.
- Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation.
- Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards.
- Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows.
- Supporting the customer’s roadmap for Splunk integrations to enable alert ingestion, bi-directional incident synchronization, and SIEM dashboards.
- Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, VirusTotal, Hybrid Analysis) using IntegrationHub, REST/SOAP APIs, and MID Server.
- Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions.
- Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards.
- Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions.
- Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture.
- Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment.
Requirements
- U.S. Citizenship required; must be located on U.S. soil.
- Must be able to obtain DHS program suitability and a TS/SCI clearance.
- 8+ years of software development, IT security, or IT systems engineering experience.
- Minimum 4+ years of ServiceNow experience, with at least 2+ years focused on SecOps applications (SIR, VR, CC, or TI).
- Strong knowledge of ServiceNow administration, advanced configuration, and custom application development.
- Experience integrating ServiceNow with SIEM, vulnerability scanners, and threat intelligence platforms.
- Hands-on experience with Flow Designer, Orchestration, IntegrationHub, and MID Server.
- Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO).
- Familiarity with federal cybersecurity frameworks (NIST 800-53, FedRAMP, CISA KEV, MITRE ATT&CK).
- Strong communication, presentation, and documentation skills for technical and business stakeholders.
Qualifications
- Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, or a related discipline.
- In lieu of a degree: an additional 10 years of directly relevant work experience (for a total of 18+ years) may be substituted.
Skills
- Experience supporting DHS, DoD, or Intelligence Community customers.
- Experience deploying future-state SecOps processes including incident triage, vulnerability management, compliance automation, and threat intel workflows.
- Familiarity with Splunk use cases for security operations and event correlation.
- Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence).
- Strong problem-solving, analytical, and consulting skills in complex security environments.
- Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired.
Pay
TBD
Schedule
Hybrid
Benefits
Commensurate with experience
Company Info
Nightwing is An Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status, age or any other federally protected class.