ServiceNow SecOps SME
System One
Herndon, VA
JOB DETAILS
SALARY
$120,000–$140,000 Per Hour
SKILLS
Agile Programming Methodologies, Analysis Skills, AngularJS, Application Programming Interface (API), Atlassian JIRA, Automation, Best Practices, CISA - Certified Information Systems Auditor, CISSP - Certified Information Systems Security Professional, CSS (Cascading Style Sheet), Coding Standards, Computer Science, Computer Security, Consulting, Customer Support/Service, Documentation, Error Handling, Event Correlation, HTML (HyperText Markup Language), Homeland Security, IR (Infrared), ISSAP - Information Systems Security Architecture Professional, ISSEP - Information Systems Security Engineering Professional, ITIL (IT Infrastructure Library), Identify Issues, Incident Management, Intel Product Family, Intelligence Community, Internet Security, Internet Technology, JavaScript, Knowledge Transfer, LDAP (Lightweight Directory Access Protocol), Mentoring, Microsoft Outlook, Microsoft SharePoint, Outsourcing, Performance Analysis, Performance Metrics, Problem Solving Skills, REST (Representational State Transfer), Reporting Dashboards, Requirements Management, SOAP (Simple Object Access Protocol), Scripting (Scripting Languages), Secure Coding, Security Attacks, Security Information and Event Management (SIEM), Sensitive Compartmented Information (SCI), Service Delivery, ServiceNow, Single Sign-On (SSO), Software Development, Software Engineering, Software Patches, Splunk, System Integration (SI), Systems Administration/Management, Systems Engineering, Technical Delivery, Technical Support, Technical/Engineering Design, Top Secret Clearance, U.S. National Institute of Standards and Technology (NIST), United States Department of Defense (DoD), Use Cases, Vulnerability Scanners, XML (EXtensible Markup Language)
LOCATION
Herndon, VA
POSTED
2 days ago
Location: Dulles, VA (Hybrid Position)
Salary is Negotiable
Clearance: at least a Secret, clearable to a TS/SCI
We are seeking a ServiceNow SecOps SME to design, develop, and implement ServiceNow Security Operations (SecOps) solutions that enhance the customer’s ability to detect, respond, and remediate security threats.
This hybrid role combines ServiceNow SecOps development, integration engineering, and process consulting. The ideal candidate will work directly with security stakeholders, translate mission requirements into technical designs, and deliver scalable, secure, and automated SecOps capabilities within the ServiceNow platform.
Responsibilities Include:
• Designing, prototyping, and implementing ServiceNow SecOps applications, including:
o Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks.
o Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation.
o Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards.
o Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows.
• Supporting the customer’s roadmap for Splunk integrations to enable alert ingestion, bi-directional incident synchronization, and SIEM dashboards.
• Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, VirusTotal, Hybrid Analysis) using IntegrationHub, REST/SOAP APIs, and MID Server.
• Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions.
• Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards.
• Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions.
• Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture.
• Supporting incident resolution, troubleshooting, and sustainment of the ServiceNow SecOps environment.
• Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment.
Required Skills:
• Minimum 4+ years of ServiceNow experience, with at least 2+ years focused on SecOps applications (SIR, VR, CC, or TI).
• Strong knowledge of ServiceNow administration, advanced configuration, and custom application development.
• Experience integrating ServiceNow with SIEM, vulnerability scanners, and threat intelligence platforms.
• Hands-on experience with Flow Designer, Orchestration, IntegrationHub, and MID Server.
• Strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO).
• Familiarity with federal cybersecurity frameworks (NIST 800-53, FedRAMP, CISA KEV, MITRE ATT&CK).
Desired Skills:
• Experience supporting DHS, DoD, or Intelligence Community customers.
• Experience deploying future-state SecOps processes including incident triage, vulnerability management, compliance automation, and threat intel workflows.
• Familiarity with Splunk use cases for security operations and event correlation.
• Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence).
• Strong problem-solving, analytical, and consulting skills in complex security environments.
Desired Certifications (one or more preferred):
• Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired.
• ServiceNow Certified System Administrator (CSA).
• ServiceNow Certified Application Developer.
• ServiceNow Certified Implementation Specialist – SecOps (SIR, VR, or CC).
• ITIL v4 Foundation certification (or willingness to complete within one year).
• DoD 8570.1-M Compliance at IAT Level I (e.g., Certified Information Systems Security Professional (CISSP)) certification highly desired
Required Education:
• Bachelor’s degree in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, or a related discipline, and at least 8 years of directly relevant work experience.
System One, and its subsidiaries including Joulé, ALTA IT Services, and Mountain Ltd., are leaders in delivering outsourced services and workforce solutions across North America. We help clients get work done more efficiently and economically, without compromising quality. System One not only serves as a valued partner for our clients, but we offer eligible employees health and welfare benefits coverage options including medical, dental, vision, spending accounts, life insurance, voluntary plans, as well as participation in a 401(k) plan.
System One is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, age, national origin, disability, family care or medical leave status, genetic information, veteran status, marital status, or any other characteristic protected by applicable federal, state, or local law.
#M1
#LI-CB3
#DI-CB4
Ref: #851-Rockville-S1
About the Company
S
System One
Every day, System One focuses on services and solutions that require a high degree of specialization, in-demand technical skills, and large-scale operational expertise. We are essential partners to those on the front lines of our nation’s most critical infrastructure, technology, and life sciences initiatives.
Founded more than 40 years ago as a staffing partner to the engineering industry, today System One is a diversified organization operating in over 50 locations and putting more than 9,000 people to work in the United States, Canada, and the United Kingdom.
COMPANY SIZE
2,500 to 4,999 employeesINDUSTRY
Staffing/Employment Agencies
WEBSITE
https://systemone.com