Security Incident Handling & Vulnerability Management - (Remote from EU) - Deadline 24/11/25

·        Assess the existing ServiceNow SecOps implementation and its integration within the broader ITSM environment.

·        Configure and optimize the ServiceNow Security Incident Response (SIR) and Vulnerability Response (VR) modules to enable automated triage, prioritization, and remediation workflows.

·        Develop and formalize security incident handling and vulnerability response processes in alignment with recognized industry standards (e.g., NIST 800-61, ISO/IEC 27035, CIS Controls).

·        Integrate external data sources such as vulnerability scanners (e.g. Qualys, Tenable), threat intelligence platforms, and SIEM systems (e.g. Splunk).

·        Design and implement performance metrics, dashboards, and reports to monitor Service Level Objectives (SLOs), Mean Time to Respond (MTTR), and remediation compliance.

·        Provide documentation, governance recommendations, and knowledge transfer to ensure sustainable operational capability.

REQUIREMENTS:

A minimum of 5 years of proven hands-on experience with ServiceNow Security Operations modules, specifically SIR and VR.

A minimum of 5 years of experience in implementing automated remediation workflows through IntegrationHub, Flow Designer, or custom scripting

Understanding of ServiceNow CMDB and its role in correlation of vulnerabilities and security incidents.

Mandatory:

Certification:ServiceNow System Administrator and/or ServiceNow Security Operations Certified Implementation Specialist

Level : Expert

Delivery mode: Remote from Europe

Only EU Citizens