Find a job 
Featured Companies 
Featured Universities 
For Companies At a Glance
- Tasks: Design and optimise security incident response capabilities using ServiceNow.
- Company: Join a leading tech firm focused on cyber resilience.
- Benefits: Competitive daily rate, hybrid work model, and professional growth opportunities.
- Other info: Dynamic role with potential for career advancement until November 2026.
- Why this job: Make a real impact in strengthening cyber security across the enterprise.
- Qualifications: Experience with ServiceNow SIR and strong collaboration skills required.
The predicted salary is between 30000 - 40000 £ per year.
We are seeking an experienced ServiceNow Security Incident Response (SIR) Engineer to design, implement, and optimise security incident response capabilities within the ServiceNow platform. This role will play a critical part in strengthening the organisation's cyber resilience by enabling effective detection, response, remediation, and reporting of security incidents across the enterprise. The ideal candidate will have strong hands-on experience with ServiceNow Security Operations (SecOps), particularly the SIR module, and will work closely with Cyber Security, SOC, IT Operations, and Compliance teams to ensure security incidents are handled efficiently, consistently, and in line with organisational and regulatory requirements.
Key Responsibilities
- ServiceNow SIR Implementation & Configuration
- Configure and customise the ServiceNow Security Incident Response (SIR) module to support end-to-end incident handling workflows.
- Design and implement security incident lifecycle processes, including intake, triage, investigation, containment, eradication, and closure.
- Configure security incident types, response playbooks, task automation, SLAs, notifications, and escalation rules.
- Integration & Automation
- Integrate ServiceNow SIR with security tools such as SIEM, SOAR, EDR, vulnerability scanners, and threat intelligence platforms.
- Enable automated ingestion of security alerts and events from multiple sources into ServiceNow.
- Develop workflow automations, Flow Designer flows, and business rules to reduce manual effort and speed up response times.
- Collaboration with Security & IT Teams
- Act as a trusted technical partner to SOC analysts, Cyber Security teams, and IT Operations.
- Translate security and operational requirements into scalable ServiceNow solutions.
- Support security teams during active incidents, providing platform expertise and tooling support.
- Reporting, Metrics & Continuous Improvement
- Build dashboards and reports to track KPIs such as MTTR, incident volumes, severity trends, and SLA compliance.
- Support audit, compliance, and regulatory reporting requirements.
- Identify opportunities to improve incident response maturity through enhanced automation, tooling, and process refinement.
- Platform Governance & Best Practice
- Ensure configurations align with ServiceNow best practices and security standards.
- Support platform upgrades, patching, and module enhancements related to SecOps and SIR.
- Contribute to documentation, knowledge articles, and operational runbooks.
Required Skills & Experience
- Technical Skills
- Proven hands-on experience implementing and supporting ServiceNow SIR within ServiceNow SecOps.
- Strong understanding of security incident response frameworks (e.g. NIST, ISO 27035).
- Experience integrating ServiceNow with security tools such as SIEM, SOAR, or EDR platforms.
- Solid ServiceNow development skills, including Flow Designer, business rules, UI policies, client scripts, and integrations.
- Experience with REST APIs and data ingestion pipelines.
- Security & Operational Knowledge
- Good understanding of cyber threats, vulnerabilities, and incident response processes.
- Familiarity with SOC operations and security monitoring workflows.
- Ability to assess and prioritise incidents based on risk and impact.
- Professional Skills
- Strong stakeholder management and communication skills, able to work with both technical and non-technical teams.
- Analytical and problem-solving mindset with attention to detail.
- Ability to work calmly under pressure during critical incidents.
- Desirable Skills & Certifications
- ServiceNow Certified Implementation Specialist – Security Incident Response (preferred).
- ITIL or ITSM certification.
- Background in Cyber Security, SOC operations, or Security Engineering.
- Experience with ServiceNow Vulnerability Response or Threat Intelligence modules.
All profiles will be reviewed against the required skills and experience. Due to the high number of applications we will only be able to respond to successful applicants in the first instance. We thank you for your interest and the time taken to apply!
SNOW SIR Engineer CGEMJP00339994 in Knutsford employer: Experis
Contact Detail:
Experis Recruiting Team
StudySmarter Expert Advice 🤫
We think this is how you could land SNOW SIR Engineer CGEMJP00339994 in Knutsford
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those who work with ServiceNow or in cyber security. Attend meetups or webinars, and don’t be shy about asking for informational interviews. You never know who might have the inside scoop on job openings!
✨Tip Number 2
Show off your skills! Create a portfolio or a GitHub repository showcasing your ServiceNow projects, especially any SIR implementations you've done. This gives potential employers a tangible look at what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common questions related to ServiceNow SIR and incident response frameworks. Practice articulating your experience with integrations and automations, as well as how you’ve collaborated with security teams in the past.
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love seeing candidates who are proactive about their job search. So, get that application in and let’s get you on board!
We think you need these skills to ace SNOW SIR Engineer CGEMJP00339994 in Knutsford
Some tips for your application 🫡
Tailor Your CV: Make sure your CV highlights your hands-on experience with ServiceNow SIR and any relevant security incident response frameworks. We want to see how your skills align with the role, so don’t be shy about showcasing your achievements!
Craft a Compelling Cover Letter: Your cover letter is your chance to shine! Use it to explain why you’re the perfect fit for the SNOW SIR Engineer role. Mention specific projects or experiences that demonstrate your expertise in ServiceNow and security operations.
Showcase Your Technical Skills: Be sure to include any technical skills that are relevant to the job, like your experience with REST APIs, Flow Designer, and integrations. We love seeing candidates who can hit the ground running with their technical know-how!
Apply Through Our Website: We encourage you to apply directly through our website. It’s the best way for us to keep track of your application and ensure it gets the attention it deserves. Plus, it shows you’re serious about joining our team!
How to prepare for a job interview at Experis
✨Know Your ServiceNow SIR Inside Out
Make sure you brush up on your knowledge of the ServiceNow Security Incident Response module. Be ready to discuss your hands-on experience and how you've implemented or optimised SIR in past roles. Prepare specific examples that showcase your skills in configuring workflows and automating processes.
✨Understand Cyber Security Fundamentals
Familiarise yourself with key cyber security concepts, especially incident response frameworks like NIST and ISO 27035. Be prepared to explain how these frameworks influence your approach to incident handling and how you can apply them within the ServiceNow platform.
✨Showcase Your Collaboration Skills
This role requires working closely with various teams, so be ready to share examples of how you've successfully collaborated with SOC analysts, IT operations, and compliance teams. Highlight your communication skills and how you translate technical requirements into actionable solutions.
✨Prepare for Scenario-Based Questions
Expect scenario-based questions that test your problem-solving abilities under pressure. Think about past incidents you've managed and how you approached triage, investigation, and resolution. Practising these scenarios will help you articulate your thought process clearly during the interview.