Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Design and optimise security incident response capabilities on the ServiceNow platform.
- Company: Global recruitment specialist with a focus on cyber resilience.
- Benefits: Hybrid work model, competitive salary, and opportunities for professional growth.
- Other info: Fast-tracked application process with potential shortlisting within 48 hours.
- Why this job: Join a dynamic team to strengthen cyber security and make a real impact.
- Qualifications: Experience with ServiceNow SIR and strong understanding of security incident response.
The predicted salary is between 60000 - 80000 £ per year.
We are seeking an experienced ServiceNow Security Incident Response (SIR) Engineer to design, implement, and optimise security incident response capabilities within the ServiceNow platform. This role will play a critical part in strengthening the organisation's cyber resilience by enabling effective detection, response, remediation, and reporting of security incidents across the enterprise. The ideal candidate will have strong hands-on experience with ServiceNow Security Operations (SecOps), particularly the SIR module, and will work closely with Cyber Security, SOC, IT Operations, and Compliance teams to ensure security incidents are handled efficiently, consistently, and in line with organisational and regulatory requirements.
Key Responsibilities
- ServiceNow SIR Implementation & Configuration: Configure and customise the ServiceNow Security Incident Response (SIR) module to support end-to-end incident handling workflows. Design and implement security incident life cycle processes, including intake, triage, investigation, containment, eradication, and closure. Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules.
- Integration & Automation: Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms. Enable automated ingestion of security alerts and events from multiple sources into ServiceNow. Develop workflow automations, Flow Designer flows, and business rules to reduce manual effort and speed up response times.
- Collaboration with Security & IT Teams: Act as a trusted technical partner to SOC analysts, Cyber Security teams, and IT Operations. Translate security and operational requirements into scalable ServiceNow solutions. Support security teams during active incidents, providing platform expertise and tooling support.
- Reporting, Metrics & Continuous Improvement: Build dashboards and reports to track KPIs such as MTTR, incident volumes, severity trends, and SLA compliance. Support audit, compliance, and regulatory reporting requirements. Identify opportunities to improve incident response maturity through enhanced automation, tooling, and process refinement.
- Platform Governance & Best Practice: Ensure configurations align with ServiceNow best practices and security standards. Support platform upgrades, patching, and module enhancements related to SecOps and SIR. Contribute to documentation, knowledge articles, and operational runbooks.
Required Skills & Experience
- Technical Skills: Proven hands-on experience implementing and supporting ServiceNow SIR within ServiceNow SecOps. Strong understanding of security incident response frameworks (e.g. NIST, ISO 27035). Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms. Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations. Experience with REST APIs and data ingestion pipelines.
- Security & Operational Knowledge: Good understanding of cyber threats, vulnerabilities, and incident response processes. Familiarity with SOC operations and security monitoring workflows. Ability to assess and prioritise incidents based on risk and impact.
- Professional Skills: Strong stakeholder management and communication skills, able to work with both technical and non-technical teams. Analytical and problem-solving mindset with attention to detail. Ability to work calmly under pressure during critical incidents.
- Desirable Skills & Certifications: ServiceNow Certified Implementation Specialist - Security Incident Response (preferred). ITIL or ITSM certification. Background in Cyber Security, SOC operations, or Security Engineering. Experience with ServiceNow Vulnerability Response or Threat Intelligence modules.
If you are interested in this position and would like to learn more, please send through your CV and we will get in touch with you as soon as possible. Please note, candidates are often shortlisted within 48 hours.
ServiceNow SIR Engineer in Knutsford employer: eTeam Workforce Limited
Contact Detail:
eTeam Workforce Limited Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land ServiceNow SIR Engineer in Knutsford
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already working with ServiceNow. A friendly chat can lead to insider info about job openings and even referrals.
✨Tip Number 2
Show off your skills! If you’ve got hands-on experience with ServiceNow SIR, consider creating a portfolio or a project that highlights your expertise. This can really set you apart during interviews.
✨Tip Number 3
Prepare for the interview like it’s a big game! Research common questions for ServiceNow roles and practice your answers. Don’t forget to have examples ready that showcase your problem-solving skills in real scenarios.
✨Tip Number 4
Apply through our website! It’s the best way to ensure your application gets seen. Plus, we’re always on the lookout for talented individuals like you to join our team.
We think you need these skills to ace ServiceNow SIR Engineer in Knutsford
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your experience with ServiceNow SIR and related security tools. We want to see how your skills match the job description, so don’t be shy about showcasing your relevant projects!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re passionate about the role and how your background makes you the perfect fit. We love seeing enthusiasm and a personal touch.
Showcase Your Technical Skills: Be specific about your hands-on experience with ServiceNow and any integrations you've done. We’re looking for solid examples of your technical prowess, so don’t hold back on the details!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered quickly. Plus, it’s super easy!
How to prepare for a job interview at eTeam Workforce Limited
✨Know Your ServiceNow SIR Inside Out
Make sure you brush up on your knowledge of the ServiceNow Security Incident Response module. Be ready to discuss your hands-on experience and how you've implemented or configured it in past roles. Highlight specific examples where your work improved incident handling workflows.
✨Understand Cyber Security Fundamentals
Familiarise yourself with key security incident response frameworks like NIST and ISO 27035. Be prepared to talk about how these frameworks influence your approach to incident management and how you can apply them within the ServiceNow platform.
✨Showcase Your Integration Skills
Be ready to discuss your experience integrating ServiceNow with other security tools such as SIEM, SOAR, or EDR platforms. Share specific instances where you automated processes or improved response times through integration, as this will demonstrate your technical prowess.
✨Communicate Effectively with Stakeholders
Highlight your ability to work with both technical and non-technical teams. Prepare to give examples of how you've managed stakeholder expectations during incidents and how you’ve translated complex security requirements into actionable ServiceNow solutions.