ServiceNow Developer/Business Process Consultant, Security Operations (SecOps) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Triangle Cyber, LLC · 1 month ago

ServiceNow Developer/Business Process Consultant, Security Operations (SecOps)

positionSterling, VA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
date8+ years exp

Triangle Cyber is seeking a highly skilled, motivated ServiceNow Business Process Consultant/Developer with SecOps development experience to join our team on a federal contract engagement. This role combines ServiceNow SecOps development, integration engineering, and process consulting.

Computer & Network Security
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Designing, prototyping, and implementing ServiceNow SecOps applications, including:
Security Incident Response (SIR): enrichment, correlation rules, and automated playbooks
Vulnerability Response (VR): scanner integrations, remediation workflows, patch group automation
Configuration Compliance (CC): policy exception handling, remediation tasks, compliance dashboards
Threat Intelligence (TI): ingestion of IOCs, sightings search, enrichment workflows
Supporting the customer’s roadmap for Splunk integrations to enable alert ingestion, bi-directional incident synchronization, and SIEM dashboards
Developing custom integrations with SIEM, scanner, and intel tools (e.g., Splunk, Tenable, VirusTotal, Hybrid Analysis) using IntegrationHub, REST/SOAP APIs, and MID Server
Building and maintaining orchestration playbooks, Flow Designer workflows, Business Rules, and Script Includes to automate enrichment and response actions
Documenting and maintaining policies, procedures, and technical designs aligned with Agile development practices and secure coding standards
Leading workshops with SOC, IR, and VR teams to capture mission needs, define business requirements, and translate them into technical solutions
Creating and maintaining Performance Analytics dashboards and KPIs to provide real-time visibility into security posture
Supporting incident resolution, troubleshooting, and sustainment of the ServiceNow SecOps environment
Providing mentorship and knowledge transfer to client staff on best practices and solution sustainment
Able to communicate project progress, technical challenges, and solutions to both technical and non-technical stakeholders

Qualification

ServiceNowServiceNow SecOpsIntegrationHubFlow DesignerJavaScriptServiceNow certificationsSIEM integrationNIST 800-53Communication skillsProblem-solving skills

Required

Must be a U.S. citizen with an active Secret or Top Secret clearance
A minimum of eight (8) years of software development experience, including four (4) years of ServiceNow experience
A minimum of two (2) years of ServiceNow SecOps experience designing, prototyping, and implementing ServiceNow SecOps applications
A Bachelor's degree or higher in Cybersecurity, Computer Science, Software Engineering, Systems Engineering, or a related technical discipline, from an accredited college or university. If your degree is not in a relevant technical field, you must have four (4) additional years of related experience, for a total of 12 years of experience
Must have an active ServiceNow certification: ServiceNow Certified System Administrator (CSA), ServiceNow Certified Application Developer (CAD), ServiceNow Certified Implementation Specialist (CIS), SecOps (SIR, VR, or CC)
Must have a strong knowledge of ServiceNow administration, advanced configuration, and custom application development
Must have experience integrating ServiceNow with SIEM, vulnerability scanners, and threat intelligence platforms
Must have hands-on experience with Flow Designer, Orchestration, IntegrationHub, and MID Server
Must have strong technical skills in web technologies (JavaScript, HTML, XML, Angular, CSS) and integration technologies (REST, SOAP, LDAP, SSO)
Must demonstrate familiarity with federal cybersecurity frameworks (NIST 800-53, FedRAMP, CISA KEV, MITRE ATT&CK)
Must have strong communication, presentation, and documentation skills for engagements with technical and business stakeholders

Preferred

Experience supporting DHS, DoD, or Intelligence Community customers
Experience deploying future-state SecOps processes, including incident triage, vulnerability management, compliance automation, and threat intel workflows
Familiarity with Splunk use cases for security operations and event correlation
Experience with collaboration tools (MS Teams, Outlook, SharePoint, Atlassian Jira/Confluence)
Strong problem-solving, analytical, and consulting skills in complex security environments
ITIL v4 Foundation certification (or willingness to complete within one year)
DoD 8570.1-M Compliance at IAT Level I (e.g., Certified Information Systems Security Professional (CISSP)) certification is highly desired
Information Systems Security Engineering Professional (ISSEP) or Information System Security Architect Professional (ISSAP) certification desired

Company

Triangle Cyber, LLC

twitter
company-logo
Triangle Cyber provides IT/Cybersecurity engineering, managed cybersecurity, and Business Agility/Digital Transformation services.
dateFounded in 2022
location
Raleigh, NC, US
people-size2-10 employees
web-link
https://www.trianglecyber.net

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Jim Matthews
Founder and CEO
linkedin
Company data provided by crunchbase