At a Glance
- Tasks: Design and optimise security workflows on the ServiceNow platform.
- Company: Join a forward-thinking tech company focused on security operations.
- Benefits: Competitive salary, flexible work options, and opportunities for growth.
- Other info: Inclusive environment welcoming diverse backgrounds and experiences.
- Why this job: Make a real impact in cybersecurity while working with cutting-edge tools.
- Qualifications: Experience with ServiceNow SecOps and strong integration skills.
The predicted salary is between 60000 - 80000 £ per year.
A ServiceNow SecOps Engineer designs, implements, and optimizes security operations workflows within the ServiceNow platform. The role bridges security tooling and IT service management, enabling efficient incident response, vulnerability remediation, and threat intelligence handling through automation and orchestration. Working closely with SOC teams, this engineer ensures security events are actionable, traceable, and continuously improved.
Key Responsibilities
- Incident Response
- Configure and manage ServiceNow Security Incident Response (SIR) module
- Integrate SIEM tools (e.g., Splunk) for real‑time alert ingestion
- Develop automated playbooks for triage, containment, and escalation
- Collaborate with SOC analysts to streamline response workflows
- Ensure proper documentation, tracking, and reporting of incidents
- Vulnerability Management
- Implement and maintain ServiceNow Vulnerability Response (VR)
- Integrate vulnerability scanners (e.g., Tenable, Qualys)
- Prioritise vulnerabilities using risk‑based scoring models
- Automate remediation workflows and track SLA compliance
- Provide dashboards and reporting for security posture visibility
- Threat Intelligence
- Configure ServiceNow Threat Intelligence (TI) module
- Ingest and normalise threat feeds from external sources
- Correlate threat intelligence with incidents and vulnerabilities
- Support proactive threat hunting initiatives
- Maintain indicators of compromise (IOCs) and threat libraries
- Security Orchestration & Automation
- Design and implement workflows using ServiceNow Flow Designer and IntegrationHub
- Integrate endpoint security tools (e.g., CrowdStrike) and other security platforms
- Build orchestration playbooks to reduce manual intervention
- Continuously improve automation efficiency and coverage
- Ensure secure and scalable API integrations across systems
Required Skills & Experience
- Strong experience with ServiceNow SecOps modules (SIR, VR, TI)
- Hands‑on integration experience with tools such as Splunk, CrowdStrike, Qualys, or Tenable
- Knowledge of security frameworks (e.g., NIST, ISO 27001)
- Experience with REST APIs, scripting (JavaScript), and automation tools
- Solid understanding of SOC operations and incident lifecycle
- Familiarity with cloud and endpoint security concepts
Preferred Qualifications
- ServiceNow Certified Implementation Specialist – Security Operations
- Experience with SOAR platforms and automation design
- Knowledge of threat intelligence frameworks (e.g., MITRE ATT&CK)
- Background in cybersecurity operations or engineering roles
We welcome applications from all individuals, regardless of background or identity, and we encourage candidates who may not meet every listed requirement to still apply. If you require any adjustments or support during the recruitment process, please let us know and we will work with you to ensure a fair and accessible experience.
Please Note: If a high volume of applications is received, only candidates shortlisted will be contacted.
ServiceNow SecOps Engineer in City of Westminster employer: Onyx-Conseil
As a ServiceNow SecOps Engineer, you will thrive in a dynamic work environment that prioritises innovation and collaboration. Our company fosters a culture of continuous learning and professional development, offering ample opportunities for growth while working alongside industry experts in a supportive atmosphere. Located in a vibrant area, we provide competitive benefits and a commitment to diversity, ensuring that every employee feels valued and empowered to make a meaningful impact.
StudySmarter Expert Advice🤫
We think this is how you could land ServiceNow SecOps Engineer in City of Westminster
✨Tip Number 1
Network like a pro! Reach out to folks in the industry, especially those already working with ServiceNow or in security operations. A friendly chat can lead to insider info about job openings and even referrals.
✨Tip Number 2
Show off your skills! Create a portfolio or a GitHub repository showcasing your projects related to ServiceNow SecOps. This gives potential employers a taste of what you can do and sets you apart from the crowd.
✨Tip Number 3
Prepare for interviews by brushing up on common scenarios in security operations. Think about how you would handle incidents or integrate tools like Splunk and CrowdStrike. Practice makes perfect!
✨Tip Number 4
Don’t forget to apply through our website! It’s the best way to ensure your application gets seen. Plus, we love hearing from passionate candidates who are eager to join our team.
We think you need these skills to ace ServiceNow SecOps Engineer in City of Westminster
Some tips for your application 🫡
Tailor Your CV:Make sure your CV highlights your experience with ServiceNow SecOps modules and relevant tools like Splunk and CrowdStrike. We want to see how your skills align with the role, so don’t be shy about showcasing your achievements!
Craft a Compelling Cover Letter:Your cover letter is your chance to shine! Use it to explain why you’re passionate about security operations and how your background makes you a great fit for our team. Keep it engaging and personal – we love to see your personality come through.
Showcase Relevant Projects:If you've worked on any projects related to incident response or vulnerability management, make sure to mention them! We’re interested in real-world examples of how you’ve tackled challenges and improved workflows.
Apply Through Our Website:We encourage you to apply directly through our website. It’s the best way for us to receive your application and ensures you’re considered for the role. Plus, it’s super easy – just follow the prompts and you’ll be all set!
How to prepare for a job interview at Onyx-Conseil
✨Know Your ServiceNow Inside Out
Make sure you’re well-versed in the ServiceNow SecOps modules, especially SIR, VR, and TI. Brush up on how these modules integrate with tools like Splunk and CrowdStrike, as this knowledge will show your technical prowess and readiness for the role.
✨Showcase Your Automation Skills
Prepare to discuss your experience with automation tools and scripting, particularly JavaScript. Bring examples of automated workflows or playbooks you've developed, as this will demonstrate your ability to streamline processes and improve efficiency.
✨Understand the Incident Lifecycle
Familiarise yourself with the incident response lifecycle and SOC operations. Be ready to explain how you’ve managed incidents in the past, including documentation and reporting, to highlight your practical experience in security operations.
✨Stay Current with Threat Intelligence
Research recent trends in threat intelligence and be prepared to discuss how you would correlate threat feeds with incidents. Showing that you’re proactive about threat hunting and familiar with frameworks like MITRE ATT&CK will set you apart from other candidates.
