Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Design and optimise security incident response capabilities using ServiceNow.
- Company: Join a leading tech firm focused on cyber resilience.
- Benefits: Competitive daily rate, hybrid work model, and professional growth opportunities.
- Other info: Collaborative environment with potential for career advancement.
- Why this job: Make a real impact in strengthening cyber security across the enterprise.
- Qualifications: Experience with ServiceNow SIR and strong understanding of security incident response.
The predicted salary is between 30000 - 40000 £ per year.
Duration: contract to run until 30/11/2026
Location: Knutsford, Hybrid 3 days per week onsite
Rate: up to £471.96 p/d Umbrella inside IR35
Role purpose/summary
We are seeking an experienced ServiceNow Security Incident Response (SIR) Engineer to design, implement, and optimise security incident response capabilities within the ServiceNow platform. This role will play a critical part in strengthening the organisation's cyber resilience by enabling effective detection, response, remediation, and reporting of security incidents across the enterprise. The ideal candidate will have strong hands-on experience with ServiceNow Security Operations (SecOps), particularly the SIR module, and will work closely with Cyber Security, SOC, IT Operations, and Compliance teams to ensure security incidents are handled efficiently, consistently, and in line with organisational and regulatory requirements.
Key Responsibilities
- ServiceNow SIR Implementation & Configuration
- Configure and customise the ServiceNow Security Incident Response (SIR) module to support end-to-end incident handling workflows.
- Design and implement security incident life cycle processes, including intake, triage, investigation, containment, eradication, and closure.
- Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules.
- Integration & Automation
- Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms.
- Enable automated ingestion of security alerts and events from multiple sources into ServiceNow.
- Develop workflow automations, Flow Designer flows, and business rules to reduce manual effort and speed up response times.
- Collaboration with Security & IT Teams
- Act as a trusted technical partner to SOC analysts, Cyber Security teams, and IT Operations.
- Translate security and operational requirements into scalable ServiceNow solutions.
- Support security teams during active incidents, providing platform expertise and tooling support.
- Reporting, Metrics & Continuous Improvement
- Build dashboards and reports to track KPIs such as MTTR, incident volumes, severity trends, and SLA compliance.
- Support audit, compliance, and regulatory reporting requirements.
- Identify opportunities to improve incident response maturity through enhanced automation, tooling, and process refinement.
- Platform Governance & Best Practice
- Ensure configurations align with ServiceNow best practices and security standards.
- Support platform upgrades, patching, and module enhancements related to SecOps and SIR.
- Contribute to documentation, knowledge articles, and operational runbooks.
Required Skills & Experience
- Technical Skills
- Proven hands-on experience implementing and supporting ServiceNow SIR within ServiceNow SecOps.
- Strong understanding of security incident response frameworks (eg NIST, ISO 27035).
- Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms.
- Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations.
- Experience with REST APIs and data ingestion pipelines.
- Security & Operational Knowledge
- Good understanding of cyber threats, vulnerabilities, and incident response processes.
- Familiarity with SOC operations and security monitoring workflows.
- Ability to assess and prioritise incidents based on risk and impact.
- Professional Skills
- Strong stakeholder management and communication skills, able to work with both technical and non-technical teams.
- Analytical and problem-solving mindset with attention to detail.
- Ability to work calmly under pressure during critical incidents.
- Desirable Skills & Certifications
- ServiceNow Certified Implementation Specialist - Security Incident Response (preferred).
- ITIL or ITSM certification.
- Background in Cyber Security, SOC operations, or Security Engineering.
- Experience with ServiceNow Vulnerability Response or Threat Intelligence modules.
All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
SNOW SIR Engineer CGEMJP in Knutsford employer: Experis IT
Contact Detail:
Experis IT Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land SNOW SIR Engineer CGEMJP in Knutsford
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those who work with ServiceNow or in cyber security. Attend meetups or webinars, and don’t be shy about asking for informational interviews – you never know where a chat might lead!
✨Tip Number 2
Show off your skills! If you’ve got hands-on experience with ServiceNow SIR, consider creating a portfolio or case studies that highlight your achievements. This can really set you apart when chatting with potential employers.
✨Tip Number 3
Prepare for those interviews! Brush up on common questions related to ServiceNow and security incident response. Practice explaining your past experiences clearly and confidently, focusing on how you’ve tackled challenges in previous roles.
✨Tip Number 4
Don’t forget to apply through our website! We’re always on the lookout for talented individuals like you. Plus, it’s a great way to ensure your application gets the attention it deserves.
We think you need these skills to ace SNOW SIR Engineer CGEMJP in Knutsford
Some tips for your application 🫡
Tailor Your CV: Make sure your CV is tailored to the SNOW SIR Engineer role. Highlight your hands-on experience with ServiceNow SIR and any relevant security incident response frameworks. We want to see how your skills match what we're looking for!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you're the perfect fit for this role. Mention specific projects or experiences that relate to the key responsibilities outlined in the job description.
Showcase Your Technical Skills: Don’t forget to highlight your technical skills, especially around ServiceNow development and integration with security tools. We love seeing candidates who can demonstrate their expertise in these areas!
Apply Through Our Website: We encourage you to apply through our website for the best chance of getting noticed. It helps us keep track of applications and ensures you’re considered for the role. Plus, it’s super easy!
How to prepare for a job interview at Experis IT
✨Know Your ServiceNow SIR Inside Out
Make sure you brush up on your knowledge of the ServiceNow Security Incident Response module. Be ready to discuss your hands-on experience and how you've implemented or optimised SIR in past roles. Prepare specific examples that showcase your skills in configuring workflows and automating processes.
✨Understand Cyber Security Fundamentals
Familiarise yourself with key concepts in cyber security, especially incident response frameworks like NIST and ISO 27035. Be prepared to explain how these frameworks influence your approach to incident handling and how you can apply them within the ServiceNow platform.
✨Showcase Your Collaboration Skills
This role requires working closely with various teams, so be ready to share examples of how you've successfully collaborated with SOC analysts, IT operations, and compliance teams. Highlight your communication skills and how you translate technical requirements into actionable solutions.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that test your problem-solving abilities under pressure. Think about past incidents you've managed and how you approached them. Be ready to discuss your decision-making process and the outcomes of your actions.