Company Description It all started in sunny San Diego, California in 2004 when a visionary engineer, Fred Luddy, saw the potential to transform how we work. Fast forward to today - ServiceNow stands as a global market leader, bringing innovative AI-enhanced technology to over 8,100 customers, including 85% of the Fortune 500®. Our intelligent cloud-based platform seamlessly connects people, systems, and processes to empower organizations to find smarter, faster, and better ways to work. But this is just the beginning of our journey. Join us as we pursue our purpose to make the world work better for everyone. Job Description Project Delivery - Act as the primary technical liaison for projects, representing the development team to customers and ensuring the highest quality of delivered solutions. - Oversee technical delivery, ensuring alignment with client requirements and ServiceNow best practices for SecOps implementations. - Define and architect technical solutions at a detailed level, ensuring they align with clients' business needs and technological environments. - Lead technical onboarding with clients, assessing existing processes and platform configurations to tailor solutions effectively. - Perform hands on development on the ServiceNow platform leveraging all ServiceNow technologies and capabilities; Flow Designer, REST, JavaScript, HTML, CSS, SSO, Mid-servers, and more. - Serve as an escalation point for technical issues, implementing efficiencies and driving resolution of critical path challenges. - Mentor and guide developers and consultants on best practices in technical design and SecOps management workflows. Pre-Sales Support - Partner with the pre-sales team to scope complex service engagements involving ServiceNow products and intricate integrations with client systems, with a focus on SecOps and Integrated Risk Management (IRM) - Demonstrate thought leadership by contributing to webinars, white papers, and community groups, highlighting expertise in SecOps and Integrated Risk Management (IRM) Product Collaboration - Engage with ServiceNow product teams to provide feedback and insights on new features, capabilities, and best practices. - Participate in go-to-market strategies for new service offerings, ensuring alignment with Security Operations management trends and customer needs. Qualifications Qualifications Experience: Several years experience in consulting, configuration, and implementation of complex technologies, with at least 2 years focused on enterprise architecture and technical roadmaps. SecOps Expertise: Proven track record in designing and implementing SecOps solutions, with a solid understanding of industry-specific workflows, use cases, compliance requirements, and best practices. IRM Expertise: Proven experience in defining and deploying future-state leading practice for GRC processes and in identifying solutions from a people, process, and technology perspective. Strong understanding and experience with leading IRM toolsets such as ServiceNow, RSA Archer, IBM OpenPages, MetricStream, and BWise. Domains: Security Operations, Enterprise Security, Security Incident Response, Vulnerability Management, Threat Intelligence, Event Management, Integrated Risk Management, Leadership Skills: Ability to influence senior leaders and stakeholders, providing clear recommendations that address business and technical challenges in SecOps contexts. Technical Skills: Proficiency in creating architectural designs, solution presentations, and integration strategies, particularly within SecOps environments. Experience with Web Technologies (XML, HTML, JavaScript, Web Services, Bootstrap, CSS, middleware, LDAP, SSO, etc.) and working with SaaS technologies Certifications: Must hold or be able to achieve within the first 90 days ServiceNow certifications for SecOps Implementation Specialist, and Certified Technical Architect within the first year. Language: Fluent in English Additional Information Work Personas We approach our distributed world of work with flexibility and trust. Work personas (flexible, remote, or required in office) are categories that are assigned to ServiceNow employees depending on the nature of their work and their assigned work location. Learn more here . To determine eligibility for a work persona, ServiceNow may confirm the distance between your primary residence and the closest ServiceNow office using a third-party service. Equal Opportunity Employer ServiceNow is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, sex, sexual orientation, national origin or nationality, ancestry, age, disability, gender identity or expression, marital status, veteran status, or any other category protected by law. In addition, all qualified applicants with arrest or conviction records will be considered for employment in accordance with legal requirements. Accommodations We strive to create an accessible and inclusive experience for all candidates. If you require a reasonable accommodation to complete any part of the application process, or are unable to use this online application and need an alternative method to apply, please contact globaltalentss@servicenow.com for assistance. Export Control Regulations For positions requiring access to controlled technology subject to export control regulations, including the U.S. Export Administration Regulations (EAR), ServiceNow may be required to obtain export control approval from government authorities for certain individuals. All employment is contingent upon ServiceNow obtaining any export license or other approval that may be required by relevant export control authorities. From Fortune. ©2025 Fortune Media IP Limited. All rights reserved. Used under license.

• Advanced Threat Detection and Response: Monitor and analyze security alerts and incidents, conduct in-depth investigations, and respond to complex security threats, ensuring they are mitigated effectively. • Incident Management: Take the lead in managing security incidents, coordinating with other IT and security teams to contain, eradicate, and recover from security breaches. • Forensic Analysis: Perform detailed forensic analysis on compromised systems to identify root causes, attack vectors, and indicators of compromise (IOCs). • Vulnerability Management: Assist in the identification, assessment, and remediation of vulnerabilities within the organization’s infrastructure. • Security Tool Management: Maintain and optimize security tools and technologies, including SIEM, IDS/IPS, firewalls, and endpoint protection systems. • Collaboration: Work closely with Level 1 SOC Engineers, providing guidance, mentorship, and training to help them improve their skills and effectiveness in responding to security incidents. • Documentation: Create and maintain detailed documentation of security incidents, forensic analysis, and response actions, ensuring compliance with organizational policies and industry standards. • Reporting: Generate and analyze security reports, providing insights and recommendations to improve the organization’s security posture. • Continuous Improvement: Stay updated on the latest cybersecurity threats, vulnerabilities, and best practices, and contribute to the ongoing improvement of SOC processes and technologies. • On-Call Support: Participate in a rotating on-call schedule to provide after-hours support for critical security incidents.

• Implementation and support of Microsoft security products - primarily Defender, Sentinel SIEM as well as other adjacent security suite technologies • Designing and refining engineering standards and best practices • Conduct periodic Microsoft tenant health check assessments, audits, and architecture reviews • Work alongside SOC Analysts to improve security event detection capability • Research and implement new technologies that can be used within the SOC • Deploy automation throughout the SOC to improve the overall operational effectiveness of the SOC • Assisting with the triage and resolution of incidents alongside others • Draft reports and customer-facing documents to a high standard • Stay up to date with the latest cyber vulnerabilities and maintain an understanding of how Microsoft technologies can be used to protect clients • Assist with the development of more junior members of the team where required.

• Monitoring, analyzing and coordinating the handling of security incidents • Creating and reviewing rules and exceptions in customer environments • Documenting and reporting security incidents • Independent threat hunting based on defined hypotheses and procedures • Developing and improving security strategies and recommendations • Communicating with customers